Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
twiki vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2013-1751
TWiki prior to 5.1.4 allows remote malicious users to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
Twiki Twiki
6.9
CVSSv2
CVE-2008-4998
postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid.
Twiki Twiki 4.1.2
4.3
CVSSv2
CVE-2018-20212
bin/statistics in TWiki 6.0.2 allows cross-site scripting (XSS) via the webs parameter.
Twiki Twiki 6.0.2
5
CVSSv2
CVE-2007-5193
The default configuration for twiki 4.1.2 on Debian GNU/Linux, and possibly other operating systems, specifies the work area directory (cfg{RCS}{WorkAreaDir}) under the web document root, which might allow remote malicious users to obtain sensitive information when .htaccess rest...
Twiki Twiki 4.1.2
4.3
CVSSv2
CVE-2014-9325
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to...
Twiki Twiki 6.0.1
7.5
CVSSv2
CVE-2005-3056
TWiki allows arbitrary shell command execution via the Include function
Twiki Twiki 20040902-3
6.8
CVSSv2
CVE-2014-7237
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and previous versions, when running on Windows, allows remote malicious users to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess t...
Twiki Twiki
Microsoft Windows -
10
CVSSv2
CVE-2004-1037
The search function in TWiki 20030201 allows remote malicious users to execute arbitrary commands via shell metacharacters in a search string.
Twiki Twiki 2003-02-01
Gentoo Linux
2 EDB exploits
5
CVSSv2
CVE-2012-6330
The localization functionality in TWiki prior to 5.1.3, and Foswiki 1.0.x up to and including 1.0.10 and 1.1.x up to and including 1.1.6, allows remote malicious users to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
Twiki Twiki 5.1.0
Twiki Twiki 5.1.1
Twiki Twiki
Foswiki Foswiki 1.0.2
Foswiki Foswiki 1.0.3
Foswiki Foswiki 1.1.0
Foswiki Foswiki 1.0.4
Foswiki Foswiki 1.0.10
Foswiki Foswiki 1.1.5
Foswiki Foswiki 1.0.1
Foswiki Foswiki 1.1.2
Foswiki Foswiki 1.1.1
Foswiki Foswiki 1.0.0
Foswiki Foswiki 1.1.6
Foswiki Foswiki 1.1.4
Foswiki Foswiki 1.1.3
1 EDB exploit
7.5
CVSSv2
CVE-2005-0516
The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote malicious users to execute arbitrary commands via certain commands that generate thumbnails.
Twiki Imagegalleryplugin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »