Vulnerability Details CVE-2003-1404
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 68.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html
- http://www.osvdb.org/5092
- http://www.securityfocus.com/bid/6865
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11354
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html
- http://www.osvdb.org/5092
- http://www.securityfocus.com/bid/6865
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11354