Showing 1 - 4 of 4

Files from Peter Thoeny

First Active	2004-11-13
Last Active	2014-10-10

Twiki Perl Code Execution: Posted Oct 10, 2014; Authored by Peter Thoeny; The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution.; tags | exploit, arbitrary, perl, code execution; advisories | CVE-2014-7236; SHA-256 | 7e6bafc3f4e27a15de8ac1ae847247abec86cca045f3b86848aeae7d24f79d02; Download | Favorite | View

Twiki Upload Bypass: Posted Oct 10, 2014; Authored by Peter Thoeny; Twiki versions 4.x, 5.x, and 6.0.0 suffer from a file upload bypass vulnerability.; tags | exploit, bypass, file upload; advisories | CVE-2014-7237; SHA-256 | e814ba5eee65de4bc58fee28adad2d2fa3cac065ea836323e7b984104a372fa8; Download | Favorite | View

TWiki 5.1.3 Command Execution: Posted Feb 18, 2013; Authored by Peter Thoeny; The %MAKETEXT{}% TWiki variable allows arbitrary shell command execution using tilde (~) characters. Only TWiki server with localization enabled are affected. Versions 5.1.0 through 5.1.3 suffer from this issue.; tags | advisory, arbitrary, shell; advisories | CVE-2012-6329, CVE-2013-1751; SHA-256 | 69ce1acdadc0b5a8985e3a80c2665154f577c3e6ce713f2e81c2207d4226efd5; Download | Favorite | View

twiki.txt: Posted Nov 13, 2004; Authored by Florian Weimer, Markus Goetz, Joerg Hoh, Michael Holzt, Florian Laws, Hans Ulrich Niedermann, Andreas Thienemann, Peter Thoeny; Remote attackers are able to execute arbitrary commands in the context of the TWiki process for TWiki versions 20030201 and possibly in other versions as well. This flaw is due to a lack of proper sanitization of user input.; tags | advisory, remote, arbitrary; SHA-256 | ac52112bc5ecb5d1c0b1b78be42869a3a5320137a2621f2fc66722fa6a94c04c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days