Full title: TWiki Debugenableplugins Remote Code Execution Exploit 
Category: remote exploits
Platform: php
TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution.

# 0day.today @ http://0day.today/