Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edgewall trac vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-1406
Trac prior to 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.
Edgewall Software Trac 0.10.2
Edgewall Software Trac 0.10
Edgewall Software Trac 0.10.1
Edgewall Software Trac 0.10.3
7.5
CVSSv2
CVE-2009-4405
Multiple unspecified vulnerabilities in Trac prior to 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils <...
Edgewall Trac 0.11.5
Edgewall Trac 0.11
Edgewall Trac 0.10.3
Edgewall Trac 0.9.5
Edgewall Trac 0.9.4
Edgewall Trac 0.8.1
Edgewall Trac 0.8
Edgewall Trac 0.5.1
Edgewall Trac 0.5
Edgewall Trac 0.11.2
Edgewall Trac 0.11.1
Edgewall Trac 0.10.4
Edgewall Trac 0.10.3.1
Edgewall Trac 0.10
Edgewall Trac 0.9.6
Edgewall Trac 0.8.3
Edgewall Trac 0.8.2
Edgewall Trac 0.50.9
Edgewall Trac 0.5.2
Edgewall Trac 0.11.4
Edgewall Trac 0.11.3
Edgewall Trac 0.11.2.1
7.5
CVSSv2
CVE-2006-5878
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and previous versions allows remote malicious users to perform unauthorized actions as other users via unknown vectors.
Edgewall Software Trac 0.7
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.9.1
Edgewall Software Trac 0.9.2
Edgewall Software Trac 0.9.3
Edgewall Software Trac 0.5
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.8
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.9.4
Edgewall Software Trac 0.9.5
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.50.9
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.9.6
Edgewall Software Trac 0.9b1
Edgewall Software Trac 0.6
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.8.4
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9b2
7.5
CVSSv2
CVE-2005-4065
SQL injection vulnerability in the search module in Edgewall Trac prior to 0.9.2 allows remote malicious users to execute arbitrary SQL commands via unknown vectors.
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.8.4
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-3980
SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote malicious users to execute arbitrary SQL commands via the group parameter.
Edgewall Software Trac 0.8
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.6
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.8.4
Edgewall Software Trac 0.9
Edgewall Software Trac 0.7
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.9b1
Edgewall Software Trac 0.9b2
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.50.9
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.8.3
1 EDB exploit
6.8
CVSSv2
CVE-2006-3695
Trac prior to 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote malicious users to read arbitrary files, perform cross-site scripting...
Edgewall Software Trac
6.4
CVSSv2
CVE-2005-2147
Trac prior to 0.8.4 allows remote malicious users to read or upload arbitrary files via a full pathname in the id parameter to the (1) upload or (2) attachment viewer scripts.
Edgewall Software Trac 0.7.1
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.8.3
6.4
CVSSv2
CVE-2005-2007
Directory traversal vulnerability in Edgewall Trac 0.8.3 and previous versions allows remote malicious users to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts.
Edgewall Software Trac 0.5
Edgewall Software Trac 0.5.1
Edgewall Software Trac 0.5.2
Edgewall Software Trac 0.6
Edgewall Software Trac 0.8.1
Edgewall Software Trac 0.8.2
Edgewall Software Trac 0.8.3
Edgewall Software Trac 0.7
Edgewall Software Trac 0.8
Edgewall Software Trac 0.6.1
Edgewall Software Trac 0.7.1
5.8
CVSSv2
CVE-2008-2951
Open redirect vulnerability in the search script in Trac prior to 0.10.5 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.
Edgewall Trac
Fedoraproject Fedora 9
Fedoraproject Fedora 8
5
CVSSv2
CVE-2010-5108
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an malicious user to change the status and resolution of tickets without having proper permissions.
Edgewall Trac 0.11.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »