Vulnerabilities > CVE-2005-2075 - Unspecified vulnerability in PHP Fusion PHP Fusion 5.0/6.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit. CVE-2005-2075. Webapps exploit for php platform |
id | EDB-ID:1068 |
last seen | 2016-01-31 |
modified | 2005-06-25 |
published | 2005-06-25 |
reporter | Easyex |
source | https://www.exploit-db.com/download/1068/ |
title | PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit |
Nessus
NASL family | CGI abuses |
NASL id | PHP_FUSION_6_00_105.NASL |
description | According to its banner, the remote host is running a version of PHP-Fusion that is affected by multiple vulnerabilities : - An Information Disclosure Vulnerability PHP Fusion stores database backups in a known location within the web server |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 19232 |
published | 2005-07-20 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/19232 |
title | PHP-Fusion <= 6.00.105 Multiple Vulnerabilities |
code |
|