Test Kennung:	1.3.6.1.4.1.25623.1.0.14356
Kategorie:	CGI abuses
Titel:	PHP-Fusion Database Backup Disclosure
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is using PHP-Fusion, a content management system, written in PHP which uses MySQL. A vulnerability exists in the remote version of this product which may allow an attacker to obtain a dump of the remote database. PHP-Fusion has the ability to create database backups and store them on the web server, in the directory fusion_admin/db_backups/. Since there is no access control on that directory, an attacker may guess the name of a backuped database and download it. Solution : Upgrade to the latest version of this software Risk factor : Medium
Querverweis:	BugTraq ID: 10974 Common Vulnerability Exposure (CVE) ID: CVE-2004-1724 http://www.securityfocus.com/bid/10974 Bugtraq: 20040818 Multiple vulnerabilities in PHP-FUSION (Google Search) http://marc.info/?l=bugtraq&m=109285292901685&w=2 http://secunia.com/advisories/12336 XForce ISS Database: phpfusion-database-file-access(17037) https://exchange.xforce.ibmcloud.com/vulnerabilities/17037
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.