DotBr 0.1 System.PHP3 - Remote Command Execution Vulnerability

2003-02-15T00:00:00
ID EDB-ID:22253
Type exploitdb
Reporter frog
Modified 2003-02-15T00:00:00

Description

DotBr 0.1 System.PHP3 Remote Command Execution Vulnerability. CVE-2003-1405. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/6866/info

The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process. 

http://www.example.com/admin/system.php3?cmd=[COMMAND]