17 matches found
EUVD-2012-3476
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-2123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function getvar of the file...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the manipulation of the getvar argument in the cssgen.php file. An attacker can inject malicious scripts by manipulating the input parameter...
DEBIAN-CVE-2025-2123
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function getvar of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument...
SUSE CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cssgen contrib module. An attacker can read arbitrary files by manipulating the geshi-path or geshi-lang-path parameters. Details A Directory Traversal attack also known as path traversal aims to access files...
GHSA-FW3X-2PR2-5J64 GeSHi vulnerable to Directory Traversal
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
GeSHi vulnerable to Directory Traversal
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
DEBIAN-CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
Directory traversal
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
UBUNTU-CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
CVE-2012-3521
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...
CVE-2012-3521
GeSHi’s cssgen contrib module is affected by directory traversal in versions prior to 1.0.8.11. The vulnerability arises when a user-supplied parameter (geshi-path or geshi-lang-path) contains a .. sequence, allowing an attacker to read arbitrary files. Affected product: GeSHi (cssgen contrib). R...
Updated php-geshi package fix security vulnerabilities
A directory traversal and information disclosure local file inclusion flaws were found in the cssgen contrib module application to generate custom CSS files of GeSHi, a generic syntax highlighter, performed sanitization of 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote...