CVE-2005-0827

Name of the Vulnerable Software and Affected Versions RUNCMS version 1.1A Ciamos version 0.9.2 RC1 e-Xoops version 1.05 Rev3

Description The issue allows remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message.

Recommendations For RUNCMS version 1.1A, consider disabling the convertorderbytrans function until a patch is available. For Ciamos version 0.9.2 RC1, restrict access to the Viewcat.php file to minimize the risk of exploitation. For e-Xoops version 1.05 Rev3, avoid using the convertorderbytrans function in the Viewcat.php file until the issue is resolved.