Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3819 1 Twiki 1 Twiki 2025-04-03 N/A
Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with "TYPEOF".
CVE-2006-2942 1 Twiki 1 Twiki 2025-04-03 N/A
TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki administrator privileges via a TWiki.TWikiRegistration form with a modified action attribute that references the Sandbox web instead of the user web, which can then be used to associate the user's login name with the WikiName of a member of the TWikiAdminGroup.
CVE-2018-20212 1 Twiki 1 Twiki 2024-11-21 N/A
bin/statistics in TWiki 6.0.2 allows cross-site scripting (XSS) via the webs parameter.
CVE-2014-7236 1 Twiki 1 Twiki 2024-11-21 9.1 Critical
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.
CVE-2013-1751 1 Twiki 1 Twiki 2024-11-21 9.8 Critical
TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
CVE-2005-3056 1 Twiki 1 Twiki 2024-11-21 9.8 Critical
TWiki allows arbitrary shell command execution via the Include function
CVE-2011-3010 1 Twiki 1 Twiki 2024-08-06 N/A
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.
CVE-2012-6330 2 Foswiki, Twiki 2 Foswiki, Twiki 2024-08-06 N/A
The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
CVE-2012-0979 1 Twiki 1 Twiki 2024-08-06 N/A
Cross-site scripting (XSS) vulnerability in TWiki allows remote attackers to inject arbitrary web script or HTML via the organization field in a profile, involving (1) registration or (2) editing of the user.