CVE-2003-1405
published 2003-12-31CVE-2003-1405: DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3.
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.98%
89.2th percentile
DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dotbr | botbr | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
DotBr 0.1 - 'Exec.php3' Remote Command Execution
exploitdb·2003-02-15
CVE-2003-1405 DotBr 0.1 - 'Exec.php3' Remote Command Execution
DotBr 0.1 - 'Exec.php3' Remote Command Execution
---
source: https://www.securityfocus.com/bid/6867/info
The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process.
http://www.example.com/admin/exec.php3?cmd=[COMMAND]
Exploit-DB
DotBr 0.1 - 'System.php3' Remote Command Execution
exploitdb·2003-02-15
CVE-2003-1405 DotBr 0.1 - 'System.php3' Remote Command Execution
DotBr 0.1 - 'System.php3' Remote Command Execution
---
source: https://www.securityfocus.com/bid/6866/info
The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process.
http://www.example.com/admin/system.php3?cmd=[COMMAND]
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.htmlhttp://www.osvdb.org/5089http://www.osvdb.org/5090http://www.securityfocus.com/bid/6866http://www.securityfocus.com/bid/6867https://exchange.xforce.ibmcloud.com/vulnerabilities/11355http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.htmlhttp://www.osvdb.org/5089http://www.osvdb.org/5090http://www.securityfocus.com/bid/6866http://www.securityfocus.com/bid/6867https://exchange.xforce.ibmcloud.com/vulnerabilities/11355
2003-12-31
Published