diff --git a/http/exposures/backups/php-backup-files.yaml b/http/exposures/backups/php-backup-files.yaml index 1394d02f9a1..81c6bb2b68a 100644 --- a/http/exposures/backups/php-backup-files.yaml +++ b/http/exposures/backups/php-backup-files.yaml @@ -2,7 +2,7 @@ id: php-backup-files info: name: PHP Source - Backup File Information Disclosure - author: StreetOfHackerR007,pwnhxl,mastercho + author: StreetOfHackerR007,pwnhxl,mastercho,0xpugazh severity: medium metadata: max-request: 1196 @@ -62,6 +62,7 @@ http: - /wp-login.php - /config.php - /config + - /const.DB.php.bak bakext: - ".~" @@ -114,7 +115,8 @@ http: - "$_REQUEST[" - "$_SERVER[" - "'DB_PASSWORD'" - - "define('DB_" + - "'DBPASS'" + - "define('DB" condition: or - type: word
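Review bot: The added path `/const.DB.php.bak` in the second hunk already carries a backup suffix, unlike its neighbours `/wp-login.php`, `/config.php` and `/config`, which are bare names. The request line is outside this hunk, so this is inferred, but if each path is combined with the `bakext` values the template would request `/const.DB.php.bak.~` and similar, and may never probe the file the entry was added for. `- /const.DB.php` would follow the list's convention. The `max-request: 1196` value visible in the first hunk is also unchanged although a path was added, so it probably needs regenerating.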
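Review bot: Dropping the underscore in `define('DB` (third hunk) widens the match under `condition: or` to any constant whose name starts with DB, and the reason is not recorded next to the word list. A comment above the entry, such as `# no underscore: also matches DBPASS/DBUSER/DBHOST-style constants`, would keep a later cleanup from narrowing it again. Both new words cover only the single-quoted form, so a backup using `define("DB` or `"DBPASS"` is detected only if another word in the list happens to appear. The matcher block starts above the hunk and a second `word` matcher begins below it, so how the two combine is not visible here.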