CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

Prion•added 2014/10/16 12:55 a.m.•19 views

Code injection

lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions and upload files with restricted names via a null byte %00 in a filename to bin/upload.cgi, as demonstrated using .htaccess to execute arbitrary code...

6.8CVSS7.9AI score0.29599EPSS

Exploits3References4Affected Software1

CVE•added 2014/10/16 12:0 a.m.•46 views

CVE-2014-7237

CVE-2014-7237 affects lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier on Windows. A remote attacker can bypass access restrictions and upload files with restricted names by exploiting a null byte (%00) in a filename to bin/upload.cgi, with demonstration via an .htaccess mechanism to execute arbit...

6.8CVSS7.6AI score0.29599EPSS

Exploits3References4Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by