CVE-2012-3399
Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.
Date published : 2012-07-12
http://www.securityfocus.com/bid/54234
http://archives.neohapsis.com/archives/bugtraq/2012-07/0002.html