PT-2004-2032 · Twiki · Twiki

Andreas Thienemann

Published

2004-11-19

Updated

2017-07-11

CVE-2004-1037

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: TWiki version 20030201

Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a search string, specifically in the search function.

Recommendations: For TWiki version 20030201, consider restricting the use of the search function until a patch is available, or apply configuration changes to limit the execution of shell metacharacters in search strings.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1037

Affected Products

Twiki

PT-2004-2032 · Twiki · Twiki

CVE-2004-1037

Related Identifiers

Affected Products

References · 13