Vulnerabilities

CVE-2005-2075

by Fred · 29/06/2005

PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0.

Date published : 2005-06-29

http://dark-assassins.com/forum/viewtopic.php?t=142

http://secunia.com/advisories/15830

Related

Tags: Cybersecurity Alert