2 matches found
CVE-2005-2075
PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/dbbackups directory in PHP-Fusion 6.0 ...
CVE-2005-2075
PHP-Fusion versions 5.0–6.0 store database backups in predictable paths under the web root (administration/db_backups in 6.0 or fusion_admin/db_backups in 5.0), enabling remote attackers to disclose sensitive information via direct requests. The vulnerability is categorized as an information disc...