Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edgewall software trac 0.8.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4065
SQL injection vulnerability in the search module in Edgewall Trac prior to 0.9.2 allows remote malicious users to execute arbitrary SQL commands via unknown vectors.
Edgewall Software Trac 0.8.4
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.9.1
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.9
Edgewall Software Trac 0.8.1
1 EDB exploit
NA
CVE-2005-2147
Trac prior to 0.8.4 allows remote malicious users to read or upload arbitrary files via a full pathname in the id parameter to the (1) upload or (2) attachment viewer scripts.
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.8.1
NA
CVE-2005-2007
Directory traversal vulnerability in Edgewall Trac 0.8.3 and previous versions allows remote malicious users to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts.
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.8
Edgewall Software Trac 0.5
Edgewall Software Trac 0.6
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.7
NA
CVE-2005-3980
SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote malicious users to execute arbitrary SQL commands via the group parameter.
Edgewall Software Trac 0.8.4
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.8
Edgewall Software Trac 0.6
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.9b1
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9b2
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.7
Edgewall Software Trac 0.50.9
1 EDB exploit
NA
CVE-2006-5878
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and previous versions allows remote malicious users to perform unauthorized actions as other users via unknown vectors.
Edgewall Software Trac 0.8.4
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.8
Edgewall Software Trac 0.5
Edgewall Software Trac 0.6
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.9.1
Edgewall Software Trac 0.9b1
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.9.3
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.9.6
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9b2
Edgewall Software Trac 0.9.4
Edgewall Software Trac
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.9.2
Edgewall Software Trac 0.9.5
Edgewall Software Trac 0.7
NA
CVE-2008-3328
Cross-site scripting (XSS) vulnerability in the wiki engine in Trac prior to 0.10.5 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Edgewall Software Trac 0.8.4
Edgewall Software Trac
Edgewall Software Trac 0.10.3
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.10.3.1
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.10
Edgewall Software Trac 0.8
Edgewall Software Trac 0.5
Edgewall Software Trac 0.6
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.9.1
Edgewall Software Trac 0.10.2
Edgewall Software Trac 0.9b1
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.9.3
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.9.6
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9b2
Edgewall Software Trac 0.9.4
NA
CVE-2006-3695
Trac prior to 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote malicious users to read arbitrary files, perform cross-site scripting...
Edgewall Software Trac
NA
CVE-2005-4644
Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote malicious users to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.
Edgewall Software Trac 0.9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started