Vulnerabilities > Twiki

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-17	CVE-2014-7236	Injection vulnerability in Twiki Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome. network low complexity twiki CWE-74 critical	9.1
2019-11-07	CVE-2013-1751	Improper Input Validation vulnerability in Twiki TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. network low complexity twiki CWE-20 critical	9.8
2019-11-01	CVE-2005-3056	Injection vulnerability in Twiki 200409023 TWiki allows arbitrary shell command execution via the Include function network low complexity twiki CWE-74 critical	9.8
2019-03-21	CVE-2018-20212	Cross-site Scripting vulnerability in Twiki 6.0.2 bin/statistics in TWiki 6.0.2 allows cross-site scripting (XSS) via the webs parameter. network low complexity twiki CWE-79	6.1

Vulnerabilities > Twiki {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Twiki"}]}