Lucene search
K

8 matches found

Circl
Circl
added 2010/07/03 12:0 a.m.11 views

CVE-2004-1037

creationtimestamp| type| source ---|---|--- 2010-07-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16894 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/twikisearch.rb 2025-02-06 03:13:38+00:00| seen|...

10CVSS5.7AI score0.61668EPSS
Exploits8References2
Exploit DB
Exploit DB
added 2010/07/03 12:0 a.m.42 views

TWiki - Search Function Arbitrary Command Execution (Metasploit)

$Id: twikisearch.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

10CVSS7AI score0.61668EPSS
Exploits8
Metasploit
Metasploit
added 2010/02/21 8:31 p.m.36 views

TWiki Search Function Arbitrary Command Execution

This module exploits a vulnerability in the search component of TWiki. By passing a 'search' parameter containing shell metacharacters to the 'WebSearch' script, an attacker can execute arbitrary OS commands. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS6.8AI score0.61668EPSS
Exploits8
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.32 views

Gentoo Security Advisory GLSA 200411-33 (www-apps/twiki)

The remote host is missing updates announced in advisory GLSA 200411-33. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS0.6AI score0.61668EPSS
Exploits8
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.16 views

FreeBSD Ports: twiki

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.6AI score0.61668EPSS
Exploits8References4
Saint
Saint
added 2006/04/06 12:0 a.m.33 views

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

10CVSS6.9AI score0.61668EPSS
Exploits8
UbuntuCve
UbuntuCve
added 2005/03/01 5:0 a.m.21 views

CVE-2004-1037

The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string...

10CVSS6AI score0.61668EPSS
Exploits8References1
CVE
CVE
added 2004/11/19 5:0 a.m.73 views

CVE-2004-1037

CVE-2004-1037 affects TWiki prior to fix where the search function accepts a user-supplied search string. The vulnerability allows remote attackers to execute arbitrary OS commands by injecting shell metacharacters in the search parameter to the WebSearch script, potentially compromising the TWik...

10CVSS7.3AI score0.61668EPSS
Exploits8References8Affected Software1
Rows per page
Query Builder