DotBr 0.1 Exec.PHP3 - Remote Command Execution Vulnerability

2003-02-15T00:00:00
ID EDB-ID:22254
Type exploitdb
Reporter frog
Modified 2003-02-15T00:00:00

Description

DotBr 0.1 Exec.PHP3 Remote Command Execution Vulnerability. CVE-2003-1405 . Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/6867/info

The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process. 

http://www.example.com/admin/exec.php3?cmd=[COMMAND]