|
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. | NEI PREFERITI | .:: | RSS Forum | RSS News | NEWS web | NEWS software | |
| PUBBLICITA' | | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | | CERCA nel FORUM » | |
20-08-2004, 14.33.30 | #1 |
Gold Member
Top Poster
Registrato: 26-08-2000
Loc.: tokyo city
Messaggi: 8.374
|
PHP-Fusion Public Accessible Database Backups
y3dips has reported a vulnerability in PHP-Fusion, allowing malicious people to view sensitive data. 1) Path information can be disclosed in error pages by passing invalid input or accessing scripts directly. Examples: fusion/fusion_admin/updateuser.php fusion/fusion_admin/forums_prune.php 2) Database backup files are placed in a public accessible folder with easily guessable names. Backups are named using the date and time and is placed in "fusion/fusion_admin/db_backups/". This has been reported in PHP-Fusion 4.0.0 other versions may also be affected. Leggi: http://secunia.com/advisories/12336/ |
Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti) | |
Strumenti discussione | |
|
|
Discussioni simili | ||||
Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
Introduzione ai database | GiulioCesare | Programmazione | 1 | 03-06-2005 01.48.45 |
Apache 2 e PHP 5 | realtebo | Internet e Reti locali | 2 | 07-09-2004 09.16.14 |
login in php con database | nemesis | Programmazione | 4 | 29-05-2004 00.30.58 |
php e database | nemesis | Programmazione | 9 | 10-05-2004 19.14.16 |