CVE-2025-2123
- EPSS 0.09%
- Veröffentlicht 09.03.2025 15:15:36
- Zuletzt bearbeitet 23.06.2025 18:53:22
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function get_var of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument default-styles/...
- EPSS 5.63%
- Veröffentlicht 21.11.2008 02:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using "<".
CVE-2008-5186
- EPSS 0.92%
- Veröffentlicht 21.11.2008 02:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi) before 1.0.8.1 might allow remote attackers to conduct file inclusion attacks via crafted inputs that influence the default language path ($path variable). NOTE: this ...
- EPSS 0.67%
- Veröffentlicht 27.09.2005 20:03:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set.