Vulnerability Details CVE-2003-1404
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html
- http://www.osvdb.org/5092
- http://www.securityfocus.com/bid/6865
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11354
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html
- http://www.osvdb.org/5092
- http://www.securityfocus.com/bid/6865
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11354