Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable.Referenceshttp://securitytracker.com/id?1021352http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5305http://www.securityfocus.com/bid/32668http://www.vupen.com/english/advisories/2008/3381http://secunia.com/advisories/33040
