4 matches found
CVE-2004-1724
CVE-2004-1724 affects PHP-Fusion 4.0 where the ReadMe First.txt instructs setting fusion_admin/db_backups to 777. This world-writable directory enables remote attackers to download or view backups, which have easily guessable filenames and contain administrator usernames and passwords. Root cause...
CVE-2004-1724
The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusionadmin/dbbackups directory to world read/write/execute 777, which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator userna...
PHP-Fusion Database Backup Disclosure
A vulnerability exists in the remote version of PHP-Fusion that may allow an attacker to obtain a dump of the remote database. PHP-Fusion has the ability to create database backups and store them on the web server, in the directory '/fusionadmin/dbbackups/'. Since there is no access control on th...
CVE-2004-1724
The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusionadmin/dbbackups directory to world read/write/execute 777, which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator userna...