CVE-2008-5305

TWiki < 4.2.4 - Remote Code Execution via SEARCH Variable

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5305. PoCs published by Troy Bollinge.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in TWiki's search functionality by injecting arbitrary commands via the `date` parameter in the SEARCH macro. The payload `%SEARCH{ date="P`pr -?`" search="xyzzy" }%` demonstrates command execution when processed by the application.

Description

Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Troy Bollinge · textwebappsphp

https://www.exploit-db.com/exploits/32645

View Code ZIP pw:eip

This exploit leverages a command injection vulnerability in TWiki's search functionality by injecting arbitrary commands via the `date` parameter in the SEARCH macro. The payload `%SEARCH{ date="P`pr -?`" search="xyzzy" }%` demonstrates command execution when processed by the application.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: TWiki (version not specified)

No auth needed

Prerequisites: Access to the TWiki search functionality

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1021352

Vendor Advisory x_refsource_confirm

http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5305

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32668

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/3381

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/33040

Scores

EPSS 0.0412

EPSS Percentile 88.8%

Details

CWE

CWE-94

Status published

Products (13)

twiki/twiki 4.0.0

twiki/twiki 4.0.1

twiki/twiki 4.0.2

twiki/twiki 4.0.3

twiki/twiki 4.0.4

twiki/twiki 4.0.5

twiki/twiki 4.1.0

twiki/twiki 4.1.1

twiki/twiki 4.1.2

twiki/twiki 4.2.0

... and 3 more

Published Dec 10, 2008

Tracked Since Feb 18, 2026