|
|
CVE Reference: CVE-2005-0828 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-0828 |
|
|
Description: highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/19754 ST 1013485 SAID Secunia Advisory: SA14641 Secunia Advisory: SA14648 OSVDB 14890 MISC http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111117241923006&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=111125645312693&w=2 BID 12848 |
|
| Return to the previous page. |
