Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for ciamos by ciamos

    CVE-2005-0828 (GCVE-0-2005-0828)

    Vulnerability from nvd – Published: 2005-03-22 05:00 – Updated: 2024-08-07 21:28
    VLAI
    Summary
    highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1013485 vdb-entryx_refsource_SECTRACK
    http://marc.info/?l=bugtraq&m=111125645312693&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/14890 vdb-entryx_refsource_OSVDB
    http://www.ihsteam.com/download/advisory/Exoops%2… x_refsource_MISC
    http://www.securityfocus.com/bid/12848 vdb-entryx_refsource_BID
    http://secunia.com/advisories/14648 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=111117241923006&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.ihsteam.com/download/sections/runcms%2… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/14641 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-03-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:28:28.787Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1013485",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1013485"
              },
              {
                "name": "20050319 Ciamos Highlight.php Security Hole(IHS)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111125645312693\u0026w=2"
              },
              {
                "name": "14890",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/14890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt"
              },
              {
                "name": "12848",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/12848"
              },
              {
                "name": "14648",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14648"
              },
              {
                "name": "20050318 runcms highlight.php hole",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111117241923006\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
              },
              {
                "name": "ciamos-file-information-disclosure(19754)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19754"
              },
              {
                "name": "14641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14641"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-03-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1013485",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1013485"
            },
            {
              "name": "20050319 Ciamos Highlight.php Security Hole(IHS)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111125645312693\u0026w=2"
            },
            {
              "name": "14890",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/14890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt"
            },
            {
              "name": "12848",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/12848"
            },
            {
              "name": "14648",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14648"
            },
            {
              "name": "20050318 runcms highlight.php hole",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111117241923006\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
            },
            {
              "name": "ciamos-file-information-disclosure(19754)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19754"
            },
            {
              "name": "14641",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14641"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0828",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1013485",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1013485"
                },
                {
                  "name": "20050319 Ciamos Highlight.php Security Hole(IHS)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111125645312693\u0026w=2"
                },
                {
                  "name": "14890",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/14890"
                },
                {
                  "name": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt",
                  "refsource": "MISC",
                  "url": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt"
                },
                {
                  "name": "12848",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/12848"
                },
                {
                  "name": "14648",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14648"
                },
                {
                  "name": "20050318 runcms highlight.php hole",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111117241923006\u0026w=2"
                },
                {
                  "name": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf",
                  "refsource": "MISC",
                  "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
                },
                {
                  "name": "ciamos-file-information-disclosure(19754)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19754"
                },
                {
                  "name": "14641",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14641"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0828",
        "datePublished": "2005-03-22T05:00:00.000Z",
        "dateReserved": "2005-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:28:28.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0827 (GCVE-0-2005-0827)

    Vulnerability from nvd – Published: 2005-03-22 05:00 – Updated: 2024-08-07 21:28
    VLAI
    Summary
    Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=111125588920928&w=2 mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=111117182417422&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.ihsteam.com/download/sections/runcms%2… x_refsource_MISC
    http://secunia.com/advisories/14641 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-03-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:28:28.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20050319 Ciamos Installation path(IHS)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111125588920928\u0026w=2"
              },
              {
                "name": "20050318 runcms installation path",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111117182417422\u0026w=2"
              },
              {
                "name": "ciamos-viewcat-path-disclosure(19755)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19755"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
              },
              {
                "name": "14641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14641"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-03-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20050319 Ciamos Installation path(IHS)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111125588920928\u0026w=2"
            },
            {
              "name": "20050318 runcms installation path",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111117182417422\u0026w=2"
            },
            {
              "name": "ciamos-viewcat-path-disclosure(19755)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19755"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
            },
            {
              "name": "14641",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14641"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0827",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20050319 Ciamos Installation path(IHS)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111125588920928\u0026w=2"
                },
                {
                  "name": "20050318 runcms installation path",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111117182417422\u0026w=2"
                },
                {
                  "name": "ciamos-viewcat-path-disclosure(19755)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19755"
                },
                {
                  "name": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf",
                  "refsource": "MISC",
                  "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
                },
                {
                  "name": "14641",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14641"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0827",
        "datePublished": "2005-03-22T05:00:00.000Z",
        "dateReserved": "2005-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:28:28.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0828 (GCVE-0-2005-0828)

    Vulnerability from cvelistv5 – Published: 2005-03-22 05:00 – Updated: 2024-08-07 21:28
    VLAI
    Summary
    highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1013485 vdb-entryx_refsource_SECTRACK
    http://marc.info/?l=bugtraq&m=111125645312693&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/14890 vdb-entryx_refsource_OSVDB
    http://www.ihsteam.com/download/advisory/Exoops%2… x_refsource_MISC
    http://www.securityfocus.com/bid/12848 vdb-entryx_refsource_BID
    http://secunia.com/advisories/14648 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=111117241923006&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.ihsteam.com/download/sections/runcms%2… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/14641 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-03-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:28:28.787Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1013485",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1013485"
              },
              {
                "name": "20050319 Ciamos Highlight.php Security Hole(IHS)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111125645312693\u0026w=2"
              },
              {
                "name": "14890",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/14890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt"
              },
              {
                "name": "12848",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/12848"
              },
              {
                "name": "14648",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14648"
              },
              {
                "name": "20050318 runcms highlight.php hole",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111117241923006\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
              },
              {
                "name": "ciamos-file-information-disclosure(19754)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19754"
              },
              {
                "name": "14641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14641"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-03-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1013485",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1013485"
            },
            {
              "name": "20050319 Ciamos Highlight.php Security Hole(IHS)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111125645312693\u0026w=2"
            },
            {
              "name": "14890",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/14890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt"
            },
            {
              "name": "12848",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/12848"
            },
            {
              "name": "14648",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14648"
            },
            {
              "name": "20050318 runcms highlight.php hole",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111117241923006\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
            },
            {
              "name": "ciamos-file-information-disclosure(19754)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19754"
            },
            {
              "name": "14641",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14641"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0828",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1013485",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1013485"
                },
                {
                  "name": "20050319 Ciamos Highlight.php Security Hole(IHS)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111125645312693\u0026w=2"
                },
                {
                  "name": "14890",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/14890"
                },
                {
                  "name": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt",
                  "refsource": "MISC",
                  "url": "http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt"
                },
                {
                  "name": "12848",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/12848"
                },
                {
                  "name": "14648",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14648"
                },
                {
                  "name": "20050318 runcms highlight.php hole",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111117241923006\u0026w=2"
                },
                {
                  "name": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf",
                  "refsource": "MISC",
                  "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
                },
                {
                  "name": "ciamos-file-information-disclosure(19754)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19754"
                },
                {
                  "name": "14641",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14641"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0828",
        "datePublished": "2005-03-22T05:00:00.000Z",
        "dateReserved": "2005-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:28:28.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0827 (GCVE-0-2005-0827)

    Vulnerability from cvelistv5 – Published: 2005-03-22 05:00 – Updated: 2024-08-07 21:28
    VLAI
    Summary
    Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=111125588920928&w=2 mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=111117182417422&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.ihsteam.com/download/sections/runcms%2… x_refsource_MISC
    http://secunia.com/advisories/14641 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-03-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:28:28.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20050319 Ciamos Installation path(IHS)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111125588920928\u0026w=2"
              },
              {
                "name": "20050318 runcms installation path",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111117182417422\u0026w=2"
              },
              {
                "name": "ciamos-viewcat-path-disclosure(19755)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19755"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
              },
              {
                "name": "14641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14641"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-03-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20050319 Ciamos Installation path(IHS)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111125588920928\u0026w=2"
            },
            {
              "name": "20050318 runcms installation path",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111117182417422\u0026w=2"
            },
            {
              "name": "ciamos-viewcat-path-disclosure(19755)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19755"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
            },
            {
              "name": "14641",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14641"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0827",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20050319 Ciamos Installation path(IHS)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111125588920928\u0026w=2"
                },
                {
                  "name": "20050318 runcms installation path",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111117182417422\u0026w=2"
                },
                {
                  "name": "ciamos-viewcat-path-disclosure(19755)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19755"
                },
                {
                  "name": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf",
                  "refsource": "MISC",
                  "url": "http://www.ihsteam.com/download/sections/runcms%20advisory%20-%20eng.pdf"
                },
                {
                  "name": "14641",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14641"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0827",
        "datePublished": "2005-03-22T05:00:00.000Z",
        "dateReserved": "2005-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:28:28.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }