EUVD-2003-1395

Malware in sbrugna...

EUVD-2003-1393

Malware in sbrugna...

DotBr 0.1 Exec.PHP3 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6867/info The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands...

DotBr 0.1 System.PHP3 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell comman...

CVE-2003-1404

DotBr 0.1 stores its config.inc under the web document root with insufficient access control, enabling remote attackers to obtain sensitive data such as SQL usernames and passwords. The CVE entry (CVE-2003-1404) lists a high impact (base score 7.5, confidentiality and integrity partial) and notes...

CVE-2003-1405

DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to 1 exec.php3 or 2 system.php3...

CVE-2003-1404

DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords...

CVE-2003-1403

The CVE-2003-1403 entry concerns DotBr 0.1: a vulnerability in foo.php3 that allows remote attackers to obtain sensitive information by making a direct request that triggers the phpinfo function. This exposes partial confidentiality and partial integrity/availability according to the NVD CVSS vec...

CVE-2003-1405

Technical details about CVE-2003-1405 are not publicly provided in the supplied documents; monitor for updates.

CVE-2003-1404

DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords...

CVE-2003-1405

DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to 1 exec.php3 or 2 system.php3...

CVE-2003-1403

foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function...

DotBr (PHP)

Informations : °°°°°°°°°°°°°° Website : http://dotbr.org Version : 0.1 Problems : - phpinfo - Informations disclosure - System commands execution PHP Code/Location : °°°°°°°°°°°°°°°°°°° foo.php3 : --------------------- ? phpinfo; ? --------------------- config.inc : - SQL password - SQL host - SQ...

DotBr 0.1 - 'System.php3' Remote Command Execution

source: https://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the...

DotBr 0.1 - Exec.php3 Remote Command Execution

DotBr 0.1 - Exec.php3 Remote Command Execution source: https://www.securityfocus.com/bid/6867/info The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary...

DotBr 0.1 - System.php3 Remote Command Execution

DotBr 0.1 - System.php3 Remote Command Execution source: https://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitra...