CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2075

PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 87.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://dark-assassins.com/forum/viewtopic.php?t=142
http://secunia.com/advisories/15830
http://www.vupen.com/english/advisories/2005/0888
http://dark-assassins.com/forum/viewtopic.php?t=142
http://secunia.com/advisories/15830
http://www.vupen.com/english/advisories/2005/0888

Products affected by CVE-2005-2075

Php Fusion » Php Fusion » Version: 5.0

cpe:2.3:a:php_fusion:php_fusion:5.0
Php Fusion » Php Fusion » Version: 6.0

cpe:2.3:a:php_fusion:php_fusion:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2075

Products

Pricing

Contact Us