CVE-2006-3819

Published: Jul 27, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with "TYPEOF".

Affected (6)

Products: Twiki: Twiki

Twiki

1 product

Twiki

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Twiki Twiki	Version 4.0.0
Twiki Twiki	Version 4.0.1
Twiki Twiki	Version 4.0.2
Twiki Twiki	Version 4.0.3
Twiki Twiki	Version 4.0.4
Twiki Twiki	Version 4.0

References (14)

http://secunia.com/advisories/21235

Source: cve@mitre.org

http://securitytracker.com/id?1016603

Source: cve@mitre.org

http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure

Source: cve@mitre.org

ExploitPatch

http://www.osvdb.org/displayvuln.php?osvdb_id=27556

Source: cve@mitre.org

http://www.securityfocus.com/bid/19188

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2995

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28049

Source: cve@mitre.org

http://secunia.com/advisories/21235