CyberSec.Space Logo
Back to CVE Browser

CVE-2005-3056

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile32.80th
PublishedNov 1, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

TWiki allows arbitrary shell command execution via the Include function

Affected Platforms (CPE)

πŸ“¦
Twiki

Twiki

= 20040902-3

References & Advisories

πŸ”— https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330733
πŸ”— https://security-tracker.debian.org/tracker/CVE-2005-3056
πŸ”— https://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithInclude
πŸ”— https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330733
πŸ”— https://security-tracker.debian.org/tracker/CVE-2005-3056
πŸ”— https://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithInclude

Related Vulnerabilities

CVE-2004-103710.0

The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search s...

CVE-2008-530510.0

Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% varia...

CVE-2013-17519.8

TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value...

CVE-2014-72369.1

Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code ...