TWiki 5.1.1

CPE Details

TWiki 5.1.1
twiki
twiki
5.1.1
2012-02-03
14h02 +00:00
2012-02-16
19h19 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:twiki:twiki:5.1.1:*:*:*:*:*:*:*

Informations

Vendor

twiki

Product

twiki

Version

5.1.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-7236 2020-02-17 20h14 +00:00 Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.
9.1
Critical
CVE-2013-1751 2019-11-07 20h51 +00:00 TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
9.8
Critical
CVE-2014-7237 2014-10-15 22h00 +00:00 lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess to execute arbitrary code.
6.8
CVE-2012-6330 2013-01-04 20h00 +00:00 The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
5
CVE-2012-0979 2012-02-02 16h00 +00:00 Cross-site scripting (XSS) vulnerability in TWiki allows remote attackers to inject arbitrary web script or HTML via the organization field in a profile, involving (1) registration or (2) editing of the user.
4.3