Test ID:	1.3.6.1.4.1.25623.1.0.56874
Category:	CGI abuses
Title:	RunCMS Database Configuration Information Disclosure
Summary:	NOSUMMARY
Description:	Description: The remote version of RunCMS, according to its version number, is vulnerable to an information disclosure vulnerability that allows attackers to determine database configuration info such as the database name, username, and password. Versions up to 1.1 are known to be vulnerable. Solution : Upgrade to a later version. Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	BugTraq ID: 12848 Common Vulnerability Exposure (CVE) ID: CVE-2005-0828 http://www.securityfocus.com/bid/12848 Bugtraq: 20050318 runcms highlight.php hole (Google Search) http://marc.info/?l=bugtraq&m=111117241923006&w=2 Bugtraq: 20050319 Ciamos Highlight.php Security Hole(IHS) (Google Search) http://marc.info/?l=bugtraq&m=111125645312693&w=2 http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf http://www.osvdb.org/14890 http://securitytracker.com/id?1013485 http://secunia.com/advisories/14641 http://secunia.com/advisories/14648 XForce ISS Database: ciamos-file-information-disclosure(19754) https://exchange.xforce.ibmcloud.com/vulnerabilities/19754
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.