Published: 2005-05-02 00:00:00
Revised: 2017-07-10 21:32:25

[Original text] highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php.


- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)


- OVAL (technical details for detection)


- Official database links
(official data source) MITRE
(official data source) NVD
(official data source) CNNVD

- Other links and resources
(UNKNOWN)  BUGTRAQ  20050318 runcms highlight.php hole
(UNKNOWN)  BUGTRAQ  20050319 Ciamos Highlight.php Security Hole(IHS)
(UNKNOWN)  BID  12848
(UNKNOWN)  XF  ciamos-file-information-disclosure(19754)

- Vulnerability information

Medium severity; Design error
2005-05-02 00:00:00 2005-10-20 00:00:00
highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying a pathname in the file parameter, for example to read database configuration information from mainfile.php.

- Advisories and patches


- Vulnerability information

E-Xoops highlight.php Information Disclosure
Remote / Network Access Information Disclosure
Loss of Confidentiality Solution Unknown
Exploit Public

- Vulnerability description

E-Xoops contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker invokes highlight.php to view the source code of mainfile.php, which discloses database connection information, including the password, resulting in a loss of confidentiality.

- Timeline

2005-03-19 Unknown
2005-03-19 Unknown

- Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- References

- Vulnerability author

- Vulnerability information

RunCMS Database Configuration Information Disclosure Vulnerability
Design Error 12848
Yes No
2005-03-18 12:00:00 2009-07-12 10:56:00
Discovery of this vulnerability is credited to "Majid NT" <>.

- Affected program versions

RunCMS RunCMS 1.1
E-Xoops E-Xoops 1.0 5r3

- Vulnerability discussion

RunCMS is reportedly affected by an information disclosure vulnerability. This issue is due to a failure in the application to secure sensitive information.

Exploitation of this vulnerability could lead to the disclosure of database configuration details, including the database name, user name and password.

RunCMS was formerly named E-Xoops.

- Exploit

No exploit is required.

The following proof of concept is available: [runcms]/class/debug/highlight.php?file=[runcmsinstallationpath]\mainfile.php&line=151#151

- Solution

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- References