PHP-Fusion 'db_backup.php' Information Disclosure Vulnerability
BID:58270
Info
PHP-Fusion 'db_backup.php' Information Disclosure Vulnerability
| Bugtraq ID: | 58270 |
| Class: | Design Error |
| CVE: |
CVE-2013-1807 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 04 2013 12:00AM |
| Updated: | Mar 04 2013 12:00AM |
| Credit: | Janek Vind |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
PHP-Fusion 'db_backup.php' Information Disclosure Vulnerability
PHP-Fusion is prone to an information-disclosure vulnerability.
An attacker may exploit this issue to obtain sensitive information.
PHP-Fusion 7.02.05 is vulnerable; other versions may also be affected.
PHP-Fusion is prone to an information-disclosure vulnerability.
An attacker may exploit this issue to obtain sensitive information.
PHP-Fusion 7.02.05 is vulnerable; other versions may also be affected.
Exploit / POC
PHP-Fusion 'db_backup.php' Information Disclosure Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
PHP-Fusion 'db_backup.php' Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
PHP-Fusion 'db_backup.php' Information Disclosure Vulnerability
References:
References:
- [waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05 (Janek Vind )
- PHP-Fusion Homepage (PHP-Fusion)