EUVD-2005-3975

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SQL injection vulnerability in Edgewall Trac 0.9 allows remote SQL command execution via group parameter

Reporter	Title	Published	Views	Family All 12
FreeBSD	trac -- reStructuredText breach of privacy and denial of service vulnerability	6 Jul 200600:00	–	freebsd
CVE	CVE-2005-3980	4 Dec 200511:00	–	cve
Cvelist	CVE-2005-3980	4 Dec 200511:00	–	cvelist
Debian CVE	CVE-2005-3980	4 Dec 200511:00	–	debiancve
Tenable Nessus	FreeBSD : trac -- reStructuredText breach of privacy and denial of service vulnerability (b0d61f73-0e11-11db-a47b-000c2957fdf1)	10 Jul 200600:00	–	nessus
Tenable Nessus	Trac Ticket Query Module group Parameter SQL Injection	2 Dec 200500:00	–	nessus
NVD	CVE-2005-3980	4 Dec 200511:03	–	nvd
OpenVAS	Edgewall Software Trac SQL injection flaw	26 Mar 200600:00	–	openvas
OpenVAS	FreeBSD Ports: trac, ja-trac	4 Sep 200800:00	–	openvas
OpenVAS	Edgewall Software Trac SQL injection flaw	26 Mar 200600:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "0143aaec-3dcb-332d-b1e3-6d8748b6b42a",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "939f2538-e3dc-3f88-b354-f716dd0c4772",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/archive/1/418294/100/0/threaded
osvdb	www.osvdb.org/21386
secunia	www.secunia.com/advisories/17836/
vupen	www.vupen.com/english/advisories/2005/2701
securityfocus	www.securityfocus.com/bid/15676/
projects	www.projects.edgewall.com/trac/wiki/ChangeLog
securitytracker	www.securitytracker.com/id
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/23461
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 27.5

EPSS0.03174