37 matches found
CVE-2025-60312
Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button...
CVE-2025-60312
CVE-2025-60312 affects Sourcecodester Markdown to HTML Converter v1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the "Markdown Input" field that allows a remote attacker to inject arbitrary HTML/JavaScript code, executed in the victim’s browser when the user clicks the "Convert to...
[SECURITY] Fedora 42 Update: man2html-1.6-39.g.fc42
man2html is a man page to HTML converter. This package contains CGI scripts that allow you to view, browse, and search man pages using a web server...
[SECURITY] Fedora 40 Update: man2html-1.6-39.g.fc40
man2html is a man page to HTML converter. This package contains CGI scripts that allow you to view, browse, and search man pages using a web server...
[SECURITY] Fedora 41 Update: man2html-1.6-39.g.fc41
man2html is a man page to HTML converter. This package contains CGI scripts that allow you to view, browse, and search man pages using a web server...
CVE-2024-31988 XWiki Platform CSRF remote code execution through the realtime HTML Converter API
XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, b...
GHSA-R5VH-GC3R-R24W XWiki Platform CSRF remote code execution through the realtime HTML Converter API
Impact: When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user to either visit a crafted URL or to view an image with this URL that could be in a comment, the...
XWiki Platform CSRF remote code execution through the realtime HTML Converter API
Impact: When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user to either visit a crafted URL or to view an image with this URL that could be in a comment, the...
Number withdrawn
XpdfReader is a free, open-source PDF viewer and toolkit, including a text extractor, image converter, HTML converter and so on. This CVE number has been withdrawn...
SUSE CVE-2018-8105
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml...
UBUNTU-CVE-2023-22457
CKEditor Integration UI adds support for editing wiki pages using CKEditor. Prior to version 1.64.3, the CKEditor.HTMLConverter document lacked protection against Cross-Site Request Forgery (CSRF), allowing macros to be executed with the rights of the current user. If a privileged user with...
PT-2023-4802 · Unknown · Ckeditor Integration Ui +1
Name of the Vulnerable Software and Affected Versions: CKEditor Integration UI versions prior to 1.64.3 XWiki Platform versions prior to 14.6 RC1 Description: The issue is related to insufficient authentication checks for executed requests in the CKEditor integration interface of the XWiki...
rtf2html buffer error vulnerability
rtf2html is an RTF to HTML converter by Valentin Lavrinenko, a personal developer. A security vulnerability exists in rtf2html version v0.2.0, which stems from a heap-based buffer overflow in /rtf2html/. /rtftools.h suffers from a heap-based buffer overflow...
[SECURITY] Fedora 27 Update: python-markdown2-2.3.6-1.fc27
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
VeryPDF HTML Converter 2.0 Buffer Overflow
Exploit Title: VeryPDF HTML Converter v2.0 SEH/ToLower Bypass Buffer Overflow Date: 9-6-2015 Target tested: Windows 7 x86/x64 Software Link: http://www.verypdf.com/htmltools/winhtmltools.exe Exploit Author: Robbie Corley Contact: [email protected] Website: CVE: Category: Local Exploit...
VeryPDF HTML Converter 2.0 - Local Buffer Overflow (SEH/ToLower() Bypass)
Exploit Title: VeryPDF HTML Converter v2.0 SEH/ToLower Bypass Buffer Overflow Date: 9-6-2015 Target tested: Windows 7 x86/x64 Software Link: http://www.verypdf.com/htmltools/winhtmltools.exe Exploit Author: Robbie Corley Contact: [email protected] Website: CVE: Category: Local Exploit...
VeryPDF HTML Converter 2.0 - Local Buffer Overflow (SEHToLower() Bypass)
VeryPDF HTML Converter 2.0 - Local Buffer Overflow SEHToLower Bypass Exploit Title: VeryPDF HTML Converter v2.0 SEH/ToLower Bypass Buffer Overflow Date: 9-6-2015 Target tested: Windows 7 x86/x64 Software Link: http://www.verypdf.com/htmltools/winhtmltools.exe Exploit Author: Robbie Corley Contact...