DotBr
by Dotbr
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-1405 | 0.04 | — | 0.10 | Dec 31, 2003 | DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | |||
| CVE-2003-1403 | 0.00 | — | 0.01 | Dec 31, 2003 | foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | |||
| CVE-2003-1404 | 0.00 | — | 0.01 | Dec 31, 2003 | DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. |
- CVE-2003-1405Dec 31, 2003risk 0.04cvss —epss 0.10
DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3.
- CVE-2003-1403Dec 31, 2003risk 0.00cvss —epss 0.01
foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function.
- CVE-2003-1404Dec 31, 2003risk 0.00cvss —epss 0.01
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords.