11 matches found
CVE-2014-7236
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome...
TWiki View Script debugenableplugins Request Parameter Vulnerability
Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...
TWiki View Script debugenableplugins Request Parameter Vulnerability
Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...
TWiki View Script debugenableplugins Request Parameter Vulnerability
Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...
CVE-2014-7236
creationtimestamp| type| source ---|---|--- 2015-03-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36438 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/twikidebugplugins.rb 2025-02-06 03:13:42+00:00| seen|...
TWiki Debugenableplugins Remote Code Execution Exploit
TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution. This module requires Metasploit: http://metasploit.com/download...
TWiki Debugenableplugins - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'TWiki Debugenableplugins Remote Code Execution', 'Description' = %q TWiki 4.0.x-6.0.0 contains a vulnerability in the Debug...
TWiki Debugenableplugins Remote Code Execution
TWiki 4.0.x-6.0.0 contains a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...
Twiki Unauthenticated Remote Code Execution (CVE-2014-7236)
A remote code execution was discovered in TWiki. An unauthenticated attacker may use this vulnerability to execute code on the vulnerable server...
Twiki Perl 4.x, 5.x, 6.x Upload Bypass / Code Execution Vulnerabilities
The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution and suffer from a file upload bypass vulnerability. This is an advisory for TWiki administrators: The debugenableplugins request parameter allows arbitrary Perl code execution...
Twiki Perl Code Execution
This is an advisory for TWiki administrators: The debugenableplugins request parameter allows arbitrary Perl code execution. TWiki http://twiki.org is an Open Source Enterprise Wiki and Web Application Platform used by millions of people. Vulnerable Software Version Attack Vectors Impact Severity...