trac trac vulnerabilities and exploits
5.4
CVSSv3
CVE-2023-46659
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Edgewall Trac
9.8
CVSSv3
CVE-2014-125082
A vulnerability was found in nivit redports. It has been declared as critical. This vulnerability affects unknown code of the file redports-trac/redports/model.py. The manipulation leads to sql injection. The name of the patch is fc2c1ea1b8d795094abb15ac73cab90830534e04. It is re...
Redports Project Redports
7.5
CVSSv3
CVE-2010-5108
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by a malicious user to change the status and resolution of tickets without having proper permissions.
Edgewall Trac 0.11.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2019-1003067
Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
Jenkins Trac Publisher
NA
CVE-2011-3192
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.19 allows remote malicious users to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as e...
Apache Http Server
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.4
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
2 EDB exploits
1 Nmap script
18 Github repositories
3 Articles
NA
CVE-2010-0394
PyGIT.py in the Trac Git plugin (trac-git) prior to 0.0.20080710-3+lenny1 and prior to 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote malicious users to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a...
Nanosleep Trac-git
NA
CVE-2009-4405
Multiple unspecified vulnerabilities in Trac prior to 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils <...
Edgewall Trac 0.11.5
Edgewall Trac 0.11
Edgewall Trac 0.10.3
Edgewall Trac 0.9.5
Edgewall Trac 0.9.4
Edgewall Trac 0.8.1
Edgewall Trac 0.8
Edgewall Trac 0.5.1
Edgewall Trac 0.5
Edgewall Trac 0.11.2
Edgewall Trac 0.11.1
Edgewall Trac 0.10.4
Edgewall Trac 0.10.3.1
Edgewall Trac 0.10
Edgewall Trac 0.9.6
Edgewall Trac 0.8.3
Edgewall Trac 0.8.2
Edgewall Trac 0.50.9
Edgewall Trac 0.5.2
Edgewall Trac 0.11.4
Edgewall Trac 0.11.3
Edgewall Trac 0.11.2.1
NA
CVE-2008-5646
Unspecified vulnerability in Trac prior to 0.11.2 allows malicious users to cause a denial of service via unknown attack vectors related to "certain wiki markup."
Trac Trac 0.10.3.1
Trac Trac 0.10.3
Trac Trac 0.5.1
Trac Trac 0.8.3
Trac Trac 0.8.4
Trac Trac
Trac Trac 0.10
Trac Trac 0.9
Trac Trac 0.7.1
Trac Trac 0.9.1
Trac Trac 0.9.6
Trac Trac 0.10.4
Trac Trac 0.10.5
Trac Trac 0.6.1
Trac Trac 0.7
Trac Trac 0.9.4
Trac Trac 0.5.2
Trac Trac 0.5
Trac Trac 0.8.2
Trac Trac 0.6
Trac Trac 0.9.2
Trac Trac 0.9.5
NA
CVE-2008-5647
Unspecified vulnerability in the HTML sanitizer filter in Trac prior to 0.11.2 allows malicious users to conduct phishing attacks via unknown attack vectors.
Trac Trac 0.10.3.1
Trac Trac 0.10.3
Trac Trac 0.5.1
Trac Trac 0.8.3
Trac Trac 0.6
Trac Trac 0.6.1
Trac Trac 0.9.4
Trac Trac 0.9
Trac Trac
Trac Trac 0.10
Trac Trac 0.8.4
Trac Trac 0.7
Trac Trac 0.9.1
Trac Trac 0.9.6
Trac Trac 0.10.4
Trac Trac 0.10.5
Trac Trac 0.5.2
Trac Trac 0.5
Trac Trac 0.8.1
Trac Trac 0.8.2
Trac Trac 0.9.2
Trac Trac 0.9.5
6.1
CVSSv3
CVE-2008-2951
Open redirect vulnerability in the search script in Trac prior to 0.10.5 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.
Edgewall Trac
Fedoraproject Fedora 9
Fedoraproject Fedora 8