VYPR
Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-0828

CVE-2005-0828

Description

highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Ciamos/Ciamos CMS2 versions
    cpe:2.3:a:ciamos:ciamos:0.9.2_rc1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ciamos:ciamos:0.9.2_rc1:*:*:*:*:*:*:*
    • (no CPE)range: =0.9.2 RC1
  • E Xoops/E Xoops2 versions
    cpe:2.3:a:e-xoops:e-xoops:1.05r3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:e-xoops:e-xoops:1.05r3:*:*:*:*:*:*:*
    • (no CPE)range: =1.05 Rev3
  • Runcms/Runcms2 versions
    cpe:2.3:a:runcms:runcms:1.1a:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:runcms:runcms:1.1a:*:*:*:*:*:*:*
    • (no CPE)range: =1.1A

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.