In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames.
                
            References
                    | Link | Resource | 
|---|---|
| https://github.com/srsec/-srsec-/issues/1 | Exploit Third Party Advisory | 
| https://github.com/srsec/-srsec-/issues/1 | Exploit Third Party Advisory | 
Configurations
                    History
                    21 Nov 2024, 04:23
| Type | Values Removed | Values Added | 
|---|---|---|
| References | () https://github.com/srsec/-srsec-/issues/1 - Exploit, Third Party Advisory | 
Information
                Published : 2019-06-03 00:29
Updated : 2024-11-21 04:23
NVD link : CVE-2019-12564
Mitre link : CVE-2019-12564
CVE.ORG link : CVE-2019-12564
JSON object : View
Products Affected
                douco
- douphp
CWE
                
                    
                        
                        CWE-287
                        
            Improper Authentication
