VYPR
Unrated severityNVD Advisory· Published Jun 20, 2006· Updated Jun 16, 2026

CVE-2006-2942

CVE-2006-2942

Description

TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki administrator privileges via a TWiki.TWikiRegistration form with a modified action attribute that references the Sandbox web instead of the user web, which can then be used to associate the user's login name with the WikiName of a member of the TWikiAdminGroup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • TWiki/Twiki4 versions
    cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:twiki:twiki:4.0.2:*:*:*:*:*:*:*
    • (no CPE)range: >=4.0.0, <=4.0.2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.