EUVD-2003-1393

Malware in sbrugna...

CVE-2003-1404

DotBr 0.1 stores its config.inc under the web document root with insufficient access control, enabling remote attackers to obtain sensitive data such as SQL usernames and passwords. The CVE entry (CVE-2003-1404) lists a high impact (base score 7.5, confidentiality and integrity partial) and notes...

CVE-2003-1404

DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords...

CVE-2003-1405

DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to 1 exec.php3 or 2 system.php3...

CVE-2003-1405

Technical details about CVE-2003-1405 are not publicly provided in the supplied documents; monitor for updates.

CVE-2003-1403

The CVE-2003-1403 entry concerns DotBr 0.1: a vulnerability in foo.php3 that allows remote attackers to obtain sensitive information by making a direct request that triggers the phpinfo function. This exposes partial confidentiality and partial integrity/availability according to the NVD CVSS vec...

CVE-2003-1405

DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to 1 exec.php3 or 2 system.php3...

CVE-2003-1403

foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function...