CVE-2008-5305

Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
twikitwiki
𝑥
≤ 4.2.3
twikitwiki
4.0.0
twikitwiki
4.0.1
twikitwiki
4.0.2
twikitwiki
4.0.3
twikitwiki
4.0.4
twikitwiki
4.0.5
twikitwiki
4.1.0
twikitwiki
4.1.1
twikitwiki
4.1.2
twikitwiki
4.2.0
twikitwiki
4.2.1
twikitwiki
4.2.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
twiki
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/33040
http://securitytracker.com/id?1021352
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5305
http://www.securityfocus.com/bid/32668
http://www.vupen.com/english/advisories/2008/3381
http://secunia.com/advisories/33040
http://securitytracker.com/id?1021352
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5305
http://www.securityfocus.com/bid/32668
http://www.vupen.com/english/advisories/2008/3381