Lucene search
+L

359 matches found

NVD
NVD
added 2006/04/29 10:2 a.m.20 views

CVE-2006-2106

Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...

4.3CVSS5.6AI score0.01369EPSS
Exploits0References7
Prion
Prion
added 2006/04/29 10:2 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...

4.3CVSS6.1AI score0.01369EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2006/04/29 10:2 a.m.7 views

CVE-2006-2106

Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...

5.7AI score
Exploits0References8
OSV
OSV
added 2006/04/29 10:2 a.m.2 views

DEBIAN-CVE-2006-2106

Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...

4.3CVSS5.8AI score0.01369EPSS
Exploits0References1
CVE
CVE
added 2006/04/29 10:0 a.m.49 views

CVE-2006-2106

Trac 0.9.4 and earlier contain a cross-site scripting (XSS) vulnerability in the wiki macro, allowing a remote attacker to inject arbitrary script/HTML in the browser. Upgrade to Trac 0.9.5 per Edgewall’s advisory/blog referenced in the sources to mitigate.

4.3CVSS5.5AI score0.01369EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/04/29 10:0 a.m.26 views

CVE-2006-2106

Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...

5.5AI score0.01369EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2006/04/29 10:0 a.m.42 views

CVE-2006-2106

Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...

4.3CVSS4.3AI score0.01369EPSS
Exploits0
securityvulns
securityvulns
added 2006/04/28 12:0 a.m.33 views

[SA19870] Trac Wiki Macro Script Insertion Vulnerability

TITLE: Trac Wiki Macro Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19870 VERIFY ADVISORY: http://secunia.com/advisories/19870/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Trac 0.x http://secunia.com/product/5260/ DESCRIPTION: A vulnerability h...

0.1AI score
Exploits0
FreeBSD
FreeBSD
added 2006/04/28 12:0 a.m.9 views

trac -- Wiki Macro Script Insertion Vulnerability

Secunia reports: A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed ...

0.7AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/04/19 12:0 a.m.15 views

JVN#84091359 Trac cross-site scripting vulnerability

Impact A remote attacker could possibly execute an arbitrary script on the user's web browser. Solution Products Affected Trac 0.94 and earlier versions of 0.9 series Trac-ja 0.94 and earlier versions of 0.9 series...

7.6AI score
Exploits0
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.48 views

Edgewall Software Trac SQL injection flaw

The remote web server contains a CGI script that is affected by a SQL injection flaw. Description: The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in python. The remote version of this software is prone to a SQL injection flaw...

7.5CVSS0.2AI score0.03264EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.27 views

Edgewall Software Trac SQL injection flaw

The remote version of Trac is prone to a SQL injection flaw through the ticket query module due to SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5CVSS7.4AI score0.03264EPSS
Exploits1References3
Debian
Debian
added 2006/01/30 1:13 p.m.68 views

[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 951-2 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.03978EPSS
Exploits2
Debian
Debian
added 2006/01/30 1:13 p.m.45 views

[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 951-2 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...

7.5CVSS0.3AI score0.03978EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2006/01/29 12:0 a.m.22 views

GLSA-200601-12 : Trac: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200601-12 Trac: XSS vulnerability Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Impact : A remote attacker could exploit this to inject and execute malicious script code or to steal...

4.3CVSS5.6AI score0.01437EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2006/01/26 12:0 a.m.34 views

Trac: Cross-site scripting vulnerability

Background Trac is a minimalistic web-based project management, wiki and bug tracking system including a Subversion interface. Description Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Impact A remote attacker could exploit this to inject and execute...

4.3CVSS6.9AI score0.01437EPSS
Exploits0
Debian
Debian
added 2006/01/23 9:17 a.m.82 views

[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 951-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2006 http://www.debian.org/security/faq -...

7.5CVSS0.7AI score0.03978EPSS
Exploits2
Debian
Debian
added 2006/01/23 9:17 a.m.81 views

[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 951-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2006 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.03978EPSS
Exploits2
OSV
OSV
added 2006/01/23 12:0 a.m.14 views

DSA-951-2 trac - missing input sanitising

Bulletin has no description...

7.5CVSS6AI score0.03978EPSS
Exploits2
securityvulns
securityvulns
added 2006/01/17 12:0 a.m.39 views

[SA18465] Trac HTML WikiProcessor Script Insertion Vulnerability

TITLE: Trac HTML WikiProcessor Script Insertion Vulnerability SECUNIA ADVISORY ID: SA18465 VERIFY ADVISORY: http://secunia.com/advisories/18465/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Trac 0.x http://secunia.com/product/5260/ DESCRIPTION: A...

0.5AI score
Exploits0
Rows per page
Query Builder