EUVD-2008-2346

Malware in sbrugna...

DRUPAL-CONTRIB-2023-043

Provides highlight.php integration to Drupal, allowing blocks to be automatically highlighted with the correct language. The module's Twig function doesn't sufficiently filter user-entered data...

highlight.php - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-043

Provides highlight.php integration to Drupal, allowing blocks to be automatically highlighted with the correct language. The module's Twig function doesn't sufficiently filter user-entered data...

Joomla! 2.5.x < 2.5.9 / 3.0.x < 3.0.3 Multiple Vulnerabilities

According to its self-reported version number, the Joomla! installation running on the remote web server is 2.5.x prior to 2.5.9 or 3.0.x prior to 3.0.3. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the highlight.php script, within the...

CVE-2013-1453

plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight...

CVE-2013-1453

CVE-2013-1453 affects Joomla! versions 3.0.x up to 3.0.2 and 2.5.x up to 2.5.8. The vulnerability resides in /plugins/system/highlight/highlight.php, where user input through the highlight parameter is base64-decoded and then passed to unserialize(), enabling an attacker to inject arbitrary PHP o...

CVE-2008-2350

Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via 1 .. dot dot or 2 C: folder sequences in the file parameter...

CVE-2008-2350

Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via 1 .. dot dot or 2 C: folder sequences in the file parameter...

CVE-2008-2350

CVE-2008-2350 (CWE-style directory traversal) : Affected software is bcoos, specifically highlight.php versions 1.0.9–1.0.13. The vulnerability arises from an improper handling of the file parameter, enabling directory traversal via ".." sequences or Windows-style C: paths to read arbitrary local...

Web Slider 0.6 - &#039;path&#039; Remote File Inclusion

Web Slider 0.6pathRemote File Inclusion Vulnerabilities D.Script: http://sourceforge.net/projects/webslider/ Discovered by: GolDM = Mahmoodali Homepage: http://Www.Tryag.Com/cc Exploit:Path/index.php?path=Shell Exploit:Path/modules/pdf.php?path=Shell Exploit:Path/plugins/highlight.php?path=Shell...

runcms highlight.php hole

This is a stupid BUG report. They found the bug without checking the script or they know but dont said about it to promote their group. The truth is the script is allow only user that have the right to access the "systems" module to use it, this mean only admin and some moderators/users that have...

CVE-2005-0828

highlight.php in 1 RUNCMS 1.1A, 2 CIAMOS 0.9.2 RC1, 3 e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops exoops, allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from...

PT-2005-1857 · Ciamos +2 · Ciamos +2

Name of the Vulnerable Software and Affected Versions: RUNCMS version 1.1A CIAMOS version 0.9.2 RC1 e-Xoops version 1.05 Rev3 Description: The issue allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter. This can be used to read sensitive information...

highlight.txt

IHS Iran Hackers Sabotage Public advisory by : NT [email protected] If You Have RUNCMS Installation Address You Can Use highligh.php Hole And Get DataBase ConfigurationName,User,Password Tested In RUNCMS 1.1A ------------------------------------------- Input This Line To Your Browser AddressBar :...

RunCMS highlight.php Information Disclosure

Binary data 2723.prm...

Ciamos Highlight.php Security Hole&#40;IHS&#41;

IHS Iran Hackers Sabotage Public advisory by : NT [email protected] If You Have CIAMOS Installation Address You Can Use highligh.php Hole And Get DataBase ConfigurationName,User,Password Tested In CIAMOS ------------------------------------------- Input This Line To Your Browser AddressBar :...

runcms highlight.php hole

IHS Iran Hackers Sabotage Public advisory by : NT [email protected] If You Have RUNCMS Installation Address You Can Use highligh.php Hole And Get DataBase ConfigurationName,User,Password Tested In RUNCMS 1.1A ------------------------------------------- Input This Line To Your Browser AddressBar :...