TWiki TWikiUsers - Arbitrary Command Execution

Author: B4dP4nd4
type: webapps
platform: php
port: 
date_added: 2005-09-14 
date_updated: 2013-06-18 
verified: 1 
codes: CVE-2005-2877;OSVDB-19403 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/14834/info

A remote command execution vulnerability affects the application.

The revision control function of the TWikiUsers script uses the backtick shell metacharacter to construct a command line. An attacker may use a specially crafted URI to execute arbitrary commands through the shell.

This attack would occur in the context of the vulnerable application and can facilitate unauthorized remote access.

http://www.example.com/cgi-bin/view/Main/TWikiUsers?rev=2%20%7Cless%20/etc/passwd