Vulnerabilities > Twiki > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR / CWE | RISK | SCORE |
|---|---|---|---|---|---|---|---|---|
| 2019-11-07 | CVE-2013-1751 | Improper Input Validation vulnerability in Twiki | TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. | network | low complexity | twiki, CWE-20 | critical | 10.0 |
| 2008-12-10 | CVE-2008-5305 | Code Injection vulnerability in Twiki | Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable. | network | low complexity | twiki, CWE-94 | critical | 10.0 |
| 2006-12-02 | CVE-2006-6071 | Information Disclosure vulnerability in TWiki Failed Login | TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password. | network | low complexity | twiki | critical | 9.0 |
| 2005-03-01 | CVE-2004-1037 | Remote Arbitrary Command Execution vulnerability in TWiki Search Shell Metacharacter | The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string. | network | low complexity | twiki, gentoo | critical | 10.0 |