### [CVE-2004-1724](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1724)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator username and password.

### POC

#### Reference
- http://marc.info/?l=bugtraq&m=109285292901685&w=2

#### Github
No PoCs found on GitHub currently.