CVE-2014-1867
HIGHsuphp < 0.7.2 - Security Bypass and Arbitrary Code Execution via Source-Highlighting Feature
Title source: llmDescription
suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2014-1867
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/65212
Mailing List, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2014/02/10/1
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/91315
Scores
CVSS v3
7.8
EPSS
0.0042
EPSS Percentile
33.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
suphp/suphp
< 0.7.2
Published
Dec 13, 2019
Tracked Since
Feb 18, 2026