Unrated severityNVD Advisory· Published Mar 26, 2006· Updated Apr 16, 2026

CVE-2006-1386

Description

The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics.

Affected products

TWiki/Twiki2 versions
cpe:2.3:a:twiki:twiki:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:twiki:twiki:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19410nvd
securitytracker.com/idnvd
twiki.org/cgi-bin/view/Codev/SecurityAlertTWiki4RdiffPreviewAccessnvd
www.securityfocus.com/bid/17268nvd
www.vupen.com/english/advisories/2006/1116nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25444nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000