English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2005-0828
Description:highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php.
Test IDs: 1.3.6.1.4.1.25623.1.0.56874  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2005-0828
BugTraq ID: 12848
http://www.securityfocus.com/bid/12848
Bugtraq: 20050318 runcms highlight.php hole (Google Search)
http://marc.info/?l=bugtraq&m=111117241923006&w=2
Bugtraq: 20050319 Ciamos Highlight.php Security Hole(IHS) (Google Search)
http://marc.info/?l=bugtraq&m=111125645312693&w=2
http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt
http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf
http://www.osvdb.org/14890
http://securitytracker.com/id?1013485
http://secunia.com/advisories/14641
http://secunia.com/advisories/14648
XForce ISS Database: ciamos-file-information-disclosure(19754)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19754



© 1998-2025 E-Soft Inc. All rights reserved.