https://www.exploit-db.com/exploits/22254
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-315

Dotbr是一款由PHP编写脚本程序。Dotbr包含的’system.php3’脚本对用户提交的输入缺少正确过滤，远程攻击者可以利用这个漏洞以WEB进程权限在系统上执行任意命令。’system.php3’脚本对用户提交给cmd参数的数据缺少正确过滤，攻击者可以提交包含SHELL命令的恶意请求，以WEB进程权限在系统上执行任意命令。

source: http://www.securityfocus.com/bid/6867/info

The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process. 

http://www.example.com/admin/exec.php3?cmd=[COMMAND]

来源:XF
名称:dotbr-exec-execute-commands(11355)
链接:http://xforce.iss.net/xforce/xfdb/11355
来源:BID
名称:6867
链接:http://www.securityfocus.com/bid/6867
来源:BID
名称:6866
链接:http://www.securityfocus.com/bid/6866
来源:VULNWATCH
名称:20030215DotBr(PHP)
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html
来源:OSVDB
名称:5090
链接:http://www.osvdb.org/5090
来源:OSVDB
名称:5089
链接:http://www.osvdb.org/5089
来源：NSFOCUS
名称：4411※4410
链接：http://www.nsfocus.net/vulndb/4411※4410