CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-3056

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile32.80th
Published2019年11月1日
Last Modified2024年11月21日

Vulnerability Description

TWiki allows arbitrary shell command execution via the Include function

Affected Platforms (CPE)

📦
Twiki

Twiki

= 20040902-3

References & Advisories

🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330733
🔗 https://security-tracker.debian.org/tracker/CVE-2005-3056
🔗 https://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithInclude
🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330733
🔗 https://security-tracker.debian.org/tracker/CVE-2005-3056
🔗 https://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithInclude

相关漏洞威胁

CVE-2004-103710.0

The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search s...

CVE-2008-530510.0

Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% varia...

CVE-2013-17519.8

TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value...

CVE-2014-72369.1

Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code ...