Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP-Fusion Permissions Privileges and Access Controls Vulnerability - CVE-2013-1807 - Vulnerability Database
PHP-Fusion

PHP-Fusion Permissions Privileges and Access Controls Vulnerability - CVE-2013-1807

Medium
Reference: CVE-2013-1807
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-1807
Title: PHP-Fusion Permissions Privileges and Access Controls Vulnerability
Overview:

PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/.