Lucene search
+L

359 matches found

CVE
CVE
added 2005/12/07 11:0 a.m.58 views

CVE-2005-4065

CVE-2005-4065 is a SQL injection vulnerability in the Trac search module, affecting Trac prior to 0.9.2. The root cause is missing input sanitisation that allows an attacker to inject arbitrary SQL. The impact is remote code execution on the database level (partial confidentiality, integrity, and...

7.5CVSS8AI score0.03978EPSS
Exploits1References9Affected Software1
Debian CVE
Debian CVE
added 2005/12/07 11:0 a.m.34 views

CVE-2005-4065

SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

7.5CVSS7.7AI score0.03978EPSS
Exploits1
Cvelist
Cvelist
added 2005/12/07 11:0 a.m.21 views

CVE-2005-4065

SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

8AI score0.03978EPSS
Exploits1References9
exploitpack
exploitpack
added 2005/12/05 12:0 a.m.12 views

Edgewall Software Trac 0.7.10.80.9 Search Module - SQL Injection

Edgewall Software Trac 0.7.10.80.9 Search Module - SQL Injection source: https://www.securityfocus.com/bid/15720/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/12/05 12:0 a.m.23 views

Edgewall Software Trac 0.7.1/0.8/0.9 Search Module - SQL Injection

source: https://www.securityfocus.com/bid/15720/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise the...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2005/12/05 12:0 a.m.23 views

trac -- search module SQL injection vulnerability

Secunia reports: A vulnerability has been reported in Trac, which can be exploited by malicious people to conduct SQL injection attacks. Some unspecified input passed in the search module isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by...

3AI score
Exploits0References2
NVD
NVD
added 2005/12/04 11:3 a.m.18 views

CVE-2005-3980

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter...

7.5CVSS8.3AI score0.03264EPSS
Exploits1References8
OSV
OSV
added 2005/12/04 11:3 a.m.2 views

DEBIAN-CVE-2005-3980

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter...

7.5CVSS8.8AI score0.03264EPSS
Exploits1References1
OSV
OSV
added 2005/12/04 11:3 a.m.8 views

CVE-2005-3980

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter...

8.6AI score
Exploits0References12
Debian CVE
Debian CVE
added 2005/12/04 11:0 a.m.43 views

CVE-2005-3980

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter...

7.5CVSS7.3AI score0.03264EPSS
Exploits1
CVE
CVE
added 2005/12/04 11:0 a.m.54 views

CVE-2005-3980

CVE-2005-3980 describes an SQL injection in Edgewall Trac’s ticket query module, exploitable via the group parameter. The vulnerability affects Trac 0.9 and possibly earlier, enabling remote SQL commands to be executed. Multiple sources (NVD, OSV, OpenVAS, and OSV detail entries) corroborate the ...

7.5CVSS8.2AI score0.03264EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2005/12/04 11:0 a.m.23 views

CVE-2005-3980

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter...

8.2AI score0.03264EPSS
Exploits1References8
Packet Storm
Packet Storm
added 2005/12/03 12:0 a.m.23 views

EdgewallSQL.txt

Edgewall Trac SQL Injection Vulnerability Trac is an enhanced wiki and issue tracking system for software development project. It provides an interface to Subversion. More information on http://projects.edgewall.com/trac/ Description: Malicious user can conduct SQL injection in ticket query modul...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/12/02 12:0 a.m.20 views

Edgewall Trac SQL Injection Vulnerability

Edgewall Trac SQL Injection Vulnerability Trac is an enhanced wiki and issue tracking system for software development project. It provides an interface to Subversion. More information on http://projects.edgewall.com/trac/ Description: Malicious user can conduct SQL injection in ticket query modul...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/12/02 12:0 a.m.32 views

Trac Ticket Query Module group Parameter SQL Injection

The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in Python. The remote version of this software is prone to a SQL injection flaw through the ticket query module due to 'group' parameter is not properly sanitized. %NASLMINLEVEL...

7.5CVSS5.8AI score0.03264EPSS
Exploits1References3
exploitpack
exploitpack
added 2005/12/01 12:0 a.m.15 views

Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection

Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection source: https://www.securityfocus.com/bid/15676/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successf...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2005/12/01 12:0 a.m.24 views

Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection

source: https://www.securityfocus.com/bid/15676/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.19 views

FreeBSD : trac -- file upload/download vulnerability (b02c1d80-e1bb-11d9-b875-0001020eed82)

Stefan Esser reports : Trac's wiki and ticket systems allows to add attachments to wiki entries and bug tracker tickets. These attachments are stored within directories that are determined by the id of the corresponding ticket or wiki entry. Due to a missing validation of the id parameter it is...

6.4CVSS5.9AI score0.01417EPSS
Exploits0References4
Debian
Debian
added 2005/07/06 2:9 p.m.13 views

[SECURITY] [DSA 739-1] New trac package fixes upload/download vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 739-1 [email protected] http://www.debian.org/security/ Martin Schulze July 6th, 2005 http://www.debian.org/security/faq -...

0.5AI score
Exploits0
Debian
Debian
added 2005/07/06 2:9 p.m.10 views

[SECURITY] [DSA 739-1] New trac package fixes upload/download vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 739-1 [email protected] http://www.debian.org/security/ Martin Schulze July 6th, 2005 http://www.debian.org/security/faq -...

7.9AI score
Exploits0
Rows per page
Query Builder