16 matches found
EUVD-2006-2107
Malware in sbrugna...
Edgewall Software Trac 0.7.1/0.8/0.9 Search Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15720/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow a...
Edgewall Software Trac 0.9 Ticket Query Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15676/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result ...
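Trac Text-Format Report Information Disclosure Vulnerability
CVE(CAN) ID: CVE-2009-4405 Trac is a web-based issue tracking system written in Python. When generating comma-delimited or tab-delimited text-format reports, Trac does not properly enforce certain policies, so users can access sensitive information from tickets without the necessary permissions. Edgewall Software Trac 0.11.6 Vendor patch: Edgewall Software ----------------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE...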
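Trac Wiki Engine Cross-Site Scripting Vulnerability
BUGTRAQ ID: 30400 CVE(CAN) ID: CVE-2008-3328 Trac is a web-based issue tracking system written in Python. Trac's wiki engine returns certain parameters to the user without properly validating them; a remote attacker can perform script injection or cross-site scripting attacks by submitting malicious requests to the server. Edgewall Software Trac 0.10.5 Edgewall Software ----------------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://ftp.edgewall.com/pub/trac/trac-0.10.5.tar.gz...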
Cross site scripting
Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Trac 0.9.4 and earlier contain a cross-site scripting (XSS) vulnerability in the wiki macro, allowing a remote attacker to inject arbitrary script/HTML in the browser. Upgrade to Trac 0.9.5 per Edgewall’s advisory/blog referenced in the sources to mitigate.
CVE-2006-2106
Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
Edgewall Software Trac SQL injection flaw
The remote version of Trac is prone to a SQL injection flaw through the ticket query module due to SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier:...
Edgewall Software Trac 0.7.1/0.8/0.9 Search Module - SQL Injection
Edgewall Software Trac 0.7.1/0.8/0.9 Search Module - SQL Injection source: https://www.securityfocus.com/bid/15720/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...
Edgewall Software Trac 0.7.1/0.8/0.9 Search Module - SQL Injection
source: https://www.securityfocus.com/bid/15720/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise the...
Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection
Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection source: https://www.securityfocus.com/bid/15676/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successf...
Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection
source: https://www.securityfocus.com/bid/15676/info Trac is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application...