Basilix Webmail id Variable SQL Injection

medium Nessus Plugin ID 14219

Synopsis

The remote web server contains PHP scripts that are prone to SQL injection attacks.

Description

The remote host appears to be running BasiliX version 1.1.0 or lower. Such versions are potentially vulnerable to SQL injection attacks, depending on the version of PHP installed.

Solution

Upgrade to BasiliX version 1.1.1 or later.

See Also

http://www.nessus.org/u?b3972e49

Plugin Details

Severity: Medium

ID: 14219

File Name: basilix_sql_injection.nasl

Version: 1.22

Type: remote

Family: CGI abuses

Published: 8/9/2004

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

Required KB Items: www/basilix

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 6/18/2002

Reference Information

CVE: CVE-2002-1709

BID: 5061