Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
twiki vulnerabilities and exploits
(subscribe to this query)
645
VMScore
CVE-2014-7236
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki prior to 6.0.1 allows remote malicious users to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.
Twiki Twiki
Twiki Twiki 6.0
1 EDB exploit
1 Github repository
890
VMScore
CVE-2013-1751
TWiki prior to 5.1.4 allows remote malicious users to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
Twiki Twiki
668
VMScore
CVE-2005-3056
TWiki allows arbitrary shell command execution via the Include function
Twiki Twiki 20040902-3
383
VMScore
CVE-2018-20212
bin/statistics in TWiki 6.0.2 allows cross-site scripting (XSS) via the webs parameter.
Twiki Twiki 6.0.2
383
VMScore
CVE-2014-9325
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to...
Twiki Twiki 6.0.1
383
VMScore
CVE-2014-9367
Incomplete blacklist vulnerability in the urlEncode function in lib/TWiki.pm in TWiki 6.0.0 and 6.0.1 allows remote malicious users to conduct cross-site scripting (XSS) attacks via a "'" (single quote) in the scope parameter to do/view/TWiki/WebSearch.
Twiki Twiki 6.0.0
Twiki Twiki 6.0.1
605
VMScore
CVE-2014-7237
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and previous versions, when running on Windows, allows remote malicious users to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess t...
Twiki Twiki
Microsoft Windows -
760
VMScore
CVE-2012-6329
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl prior to 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent malicious users to execute arbitrary co...
Perl Perl 5.16.0
Perl Perl 5.14.3
Perl Perl 5.14.0
Perl Perl 5.13.2
Perl Perl 5.10.0
Perl Perl 5.12.0
Perl Perl 5.11.4
Perl Perl 5.11.2
Perl Perl 5.11.3
Perl Perl 5.12.3
Perl Perl
Perl Perl 5.16.1
Perl Perl 5.14.1
Perl Perl 5.13.0
Perl Perl 5.13.3
Perl Perl 5.11.0
Perl Perl 5.10
Perl Perl 5.12.1
Perl Perl 5.12.2
Perl Perl 5.10.1
Perl Perl 5.13.5
Perl Perl 5.13.4
2 EDB exploits
505
VMScore
CVE-2012-6330
The localization functionality in TWiki prior to 5.1.3, and Foswiki 1.0.x up to and including 1.0.10 and 1.1.x up to and including 1.1.6, allows remote malicious users to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
Twiki Twiki 5.1.0
Twiki Twiki 5.1.1
Twiki Twiki
Foswiki Foswiki 1.0.2
Foswiki Foswiki 1.0.3
Foswiki Foswiki 1.1.0
Foswiki Foswiki 1.0.4
Foswiki Foswiki 1.0.10
Foswiki Foswiki 1.1.5
Foswiki Foswiki 1.0.1
Foswiki Foswiki 1.1.2
Foswiki Foswiki 1.1.1
Foswiki Foswiki 1.0.0
Foswiki Foswiki 1.1.6
Foswiki Foswiki 1.1.4
Foswiki Foswiki 1.1.3
1 EDB exploit
383
VMScore
CVE-2012-0979
Cross-site scripting (XSS) vulnerability in TWiki allows remote malicious users to inject arbitrary web script or HTML via the organization field in a profile, involving (1) registration or (2) editing of the user.
Twiki Twiki -
Twiki Twiki 5.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »