Database Backup File Disclosure Vulnerability in DouCo DouPHP v1.5 Release 20190516

Database Backup File Disclosure Vulnerability in DouCo DouPHP v1.5 Release 20190516

CVE-2019-12564 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.