CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Twiki: >> Twiki >> 4.2 Security Vulnerabilities

CVE-2008-5305

Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable.

CVSS Score

10.0

EPSS Score

0.029

Published

2008-12-10

CVE-2008-3195

Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors.

CVSS Score

6.8

EPSS Score

0.575

Published

2008-09-18

Page 2

Vulnerabilities

Vulnerable Software

Twiki: >> Twiki >> 4.2 Security Vulnerabilities

Products

Pricing

Contact Us