CVE-2001-1044 Information

Description

Basilix Webmail 0.9.7beta and possibly other versions stores *.class and *.inc files under the document root and does not restrict access which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.

Reference

http://www.securityfocus.com/archive/1/155897 http://www.securityfocus.com/bid/2198 https://exchange.xforce.ibmcloud.com/vulnerabilities/5934