EUVD-2005-2148

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Trac before version 0.8.4 allows remote file reading or uploading via the id parameter

Reporter	Title	Published	Views	Family All 14
CVE	CVE-2005-2147	6 Jul 200504:00	–	cve
Cvelist	CVE-2005-2147	6 Jul 200504:00	–	cvelist
Debian CVE	CVE-2005-2147	6 Jul 200504:00	–	debiancve
Tenable Nessus	Debian DSA-739-1 : trac - missing input sanitising	6 Jul 200500:00	–	nessus
Tenable Nessus	FreeBSD : trac -- file upload/download vulnerability (b02c1d80-e1bb-11d9-b875-0001020eed82)	13 Jul 200500:00	–	nessus
NVD	CVE-2005-2147	6 Jul 200504:00	–	nvd
OpenVAS	FreeBSD Ports: trac	4 Sep 200800:00	–	openvas
OpenVAS	Debian: Security Advisory (DSA-739-1)	17 Jan 200800:00	–	openvas
OpenVAS	FreeBSD Ports: trac	4 Sep 200800:00	–	openvas
OpenVAS	Debian Security Advisory DSA 739-1 (trac)	17 Jan 200800:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "5ede34b8-71b5-39cf-821d-c8a168f423c4",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "024cf77c-7989-3faf-87f4-09c8ddbac29d",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
debian	www.debian.org/security/2005/dsa-739
hardened-php	www.hardened-php.net/advisory-012005.php
secunia	www.secunia.com/advisories/15752
securityfocus	www.securityfocus.com/bid/13990
debian	www.debian.org/security/2005/dsa-739
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.4

EPSS0.00425