Lucene search
K

89 matches found

Mageia
Mageia
added 2013/06/06 12:24 p.m.47 views

Updated php-geshi package fix security vulnerabilities

A directory traversal and information disclosure local file inclusion flaws were found in the cssgen contrib module application to generate custom CSS files of GeSHi, a generic syntax highlighter, performed sanitization of 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote...

4.3CVSS1.4AI score0.0163EPSS
Exploits1References1
Patchstack
Patchstack
added 2012/10/15 12:0 a.m.11 views

WordPress Crayon Syntax Highlighter - Remote File Inclusion

WordPress Crayon Syntax Highlighter plugin's "wpload" parameter is prone to a remote file include vulnerability. It allows an attacker o compromise the application and the underlying system. Other attacks are also possible. Solution Update the plugin...

3.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2012/10/15 12:0 a.m.14 views

Crayon Syntax Highlighter <= 1.12 - Remote File Inclusion

The Crayon Syntax Highlighter WordPress plugin was affected by a Remote File Inclusion security vulnerability...

1.8AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2012/10/15 12:0 a.m.15 views

WordPress Plugin Crayon Syntax Highlighter - wp_load Remote File Inclusion

WordPress Plugin Crayon Syntax Highlighter - wpload Remote File Inclusion source: https://www.securityfocus.com/bid/55919/info The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/15 12:0 a.m.39 views

WordPress Plugin Crayon Syntax Highlighter - &#039;wp_load&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/55919/info The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/08/19 12:0 a.m.9 views

Syntax Highlighter 3.0.83 - index.html HTML Injection

Syntax Highlighter 3.0.83 - index.html HTML Injection source: https://www.securityfocus.com/bid/42572/info Syntax Highlighter is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/19 12:0 a.m.20 views

Syntax Highlighter 3.0.83 - &#039;index.html&#039; HTML Injection

source: https://www.securityfocus.com/bid/42572/info Syntax Highlighter is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to...

7.4AI score
Exploits0
OSV
OSV
added 2008/11/21 2:30 a.m.5 views

CVE-2008-5186

The setlanguagepath function in geshi.php in Generic Syntax Highlighter GeSHi before 1.0.8.1 might allow remote attackers to conduct file inclusion attacks via crafted inputs that influence the default language path $path variable. NOTE: this issue has been disputed by a vendor, stating that only...

6.5AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2008/11/21 12:0 a.m.6 views

PT-2008-6329 · Nigel Mcnie · Geshi

Name of the Vulnerable Software and Affected Versions: Generic Syntax Highlighter GeSHi versions prior to 1.0.8.1 Description: The set language path function in geshi.php might allow remote attackers to conduct file inclusion attacks via crafted inputs that influence the default language path $pa...

7.5CVSS7AI score0.01971EPSS
Exploits0References10
Rows per page
Query Builder