cbcvebase.
CVE-2013-1807
published 2014-04-30

CVE-2013-1807: PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote…

PriorityP334medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.62%
93.8th percentile
PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/.

Affected

5 ranges
VendorProductVersion rangeFixed in
php-fusionphp-fusion<= 7.02.05
php-fusionphp-fusion
php-fusionphp-fusion
php-fusionphp-fusion
php-fusionphp-fusion
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.