GeSHi CVE-2012-3521 Multiple Local File Include Vulnerabilities
GeSHi is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue using directory-traversal strings to view and execute local files within the context of the web server process. Information harvested may aid in further attacks.
GeSHi 220.127.116.11 is vulnerable; other versions may also be affected.
Note: Information about the cross-site scripting issue has been moved to BID 59830 (GeSHi 'langwiz.php' Cross Site Scripting Vulnerability) to better document it.