CVE-2004-1037
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2004-1037
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
TWiki 搜索功能 任意SHELL命令执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TWiki是一个灵活、强大、安全并且简单的基于WEB的合作平台。 TWiki的search功能没有正确过滤用户提交的搜索字符串,远程攻击者可以利用这个漏洞以进程权限执行任意SHELL命令。 搜索功能中对搜索字符串的数据缺少过滤,提交包含SHELL元字符的数据,可以进程权限执行任意SHELL命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2004-1037
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2004-1037
Please Login to view more intelligence information
- http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithSearchx_refsource_CONFIRM
- http://www.ciac.org/ciac/bulletins/p-039.shtmlthird-party-advisorygovernment-resourcex_refsource_CIAC
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000918vendor-advisoryx_refsource_CONECTIVA
- https://nvd.nist.gov/vuln/detail/CVE-2004-1037
Same Patch Batch · n/a · 2004-11-19 · 26 CVEs total
| CVE-2004-0934 | Kaspersky zip 安全漏洞 | |
| CVE-2004-1006 | ISC DHCP 格式化字符串漏洞 | |
| CVE-2004-0992 | Proxytunnel 远程格式串任意指令执行漏洞 | |
| CVE-2004-0986 | iptables 自动装载模块失败漏洞 | |
| CVE-2004-0983 | Ruby CGI模块 未明拒绝服务漏洞 | |
| CVE-2004-0982 | MPG123远程URL打开缓冲区溢出漏洞 | |
| CVE-2004-0981 | ImageMagick远程EXIF解析缓冲区溢出漏洞 | |
| CVE-2004-0980 | EZ-IPupdate远程格式化字符串漏洞 | |
| CVE-2004-0941 | GD图形库多个未指定的远程缓冲区溢出漏洞 | |
| CVE-2004-0939 | Juniper Neoteris IVE远程密码猜测攻击漏洞 | |
| CVE-2004-0937 | 多家防病毒厂商软件 安全漏洞 | |
| CVE-2004-0936 | RAV AntiVirus zip 安全漏洞 | |
| CVE-2004-0935 | Eset AntiVirus zip 安全漏洞 | |
| CVE-2004-0563 | Freenet6客户端默认安装配置文件权限漏洞 | |
| CVE-2004-0933 | 多家防病毒软件 安全漏洞 | |
| CVE-2004-0932 | McAfee AntiVirus zip 安全漏洞 | |
| CVE-2004-0930 | Samba ms_fnmatch 拒绝服务漏洞 | |
| CVE-2004-0917 | Vignette ApplicationPortal 远程信息泄露漏洞 | |
| CVE-2004-0916 | cabextract 目录遍历漏洞 | |
| CVE-2004-0882 | Samba QFILEPATHINFO 缓冲区溢出漏洞 |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2004-1037
No comments yet