SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
lists.edgewall.com/archive/trac/2005-December/005777.html
projects.edgewall.com/trac/wiki/ChangeLog
secunia.com/advisories/17894
secunia.com/advisories/18555
securityreason.com/securityalert/222
www.debian.org/security/2006/dsa-951
www.osvdb.org/21459
www.securityfocus.com/bid/15720
www.vupen.com/english/advisories/2005/2766