Filtered by vendor Dotbr
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1404 | 1 Dotbr | 1 Botbr | 2023-12-10 | 7.5 HIGH | N/A |
| DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. | |||||
| CVE-2003-1403 | 1 Dotbr | 1 Botbr | 2023-12-10 | 7.5 HIGH | N/A |
| foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | |||||
| CVE-2003-1405 | 1 Dotbr | 1 Botbr | 2023-12-10 | 7.5 HIGH | N/A |
| DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | |||||