VYPR
Unrated severityNVD Advisory· Published Apr 30, 2014· Updated Jun 16, 2026

CVE-2013-1807

CVE-2013-1807

Description

PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:php-fusion:php-fusion:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:php-fusion:php-fusion:*:*:*:*:*:*:*:*range: <=7.02.05
    • cpe:2.3:a:php-fusion:php-fusion:7.02.01:*:*:*:*:*:*:*
    • cpe:2.3:a:php-fusion:php-fusion:7.02.02:*:*:*:*:*:*:*
    • cpe:2.3:a:php-fusion:php-fusion:7.02.03:*:*:*:*:*:*:*
    • cpe:2.3:a:php-fusion:php-fusion:7.02.04:*:*:*:*:*:*:*
    • (no CPE)range: <7.02.06

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.