CVE-2004-1037
TWiki 20030201 - Command Injection
Title source: llmDescription
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubywebappsphp
https://www.exploit-db.com/exploits/16894
exploitdb
WORKING POC
VERIFIED
by RoMaNSoFt · perlwebappscgi
https://www.exploit-db.com/exploits/642
metasploit
WORKING POC
EXCELLENT
by jduck · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/twiki_search.rb
References (8)
Scores
EPSS
0.8583
EPSS Percentile
99.4%
Details
Status
published
Products (2)
gentoo/linux
twiki/twiki
2003-02-01
Published
Mar 01, 2005
Tracked Since
Feb 18, 2026