Trac

Latest version: v1.6

Vulnerabilities (17)

CVE/PVE	Vulnerability ID	Advisory	Affected versions	Severity	Severity Score
CVE-2006-2106	61140	Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.…	<=0.9.4	MEDIUM	4.3
CVE-2005-4305	61139	Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1,…	>=0.9,<=0.9.2	MEDIUM	4.3
CVE-2005-3980	61138	SQL injection vulnerability in the ticket query module in Edgewall Tr…	<=0.9	HIGH	7.5
CVE-2005-2147	61155	Trac before 0.8.4 allows remote attackers to read or upload arbitrary…	<0.8.4	MEDIUM	6.4
CVE-2005-2007	61153	Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier …	<=0.8.3	MEDIUM	6.4
CVE-2005-4065	61285	SQL injection vulnerability in the search module in Edgewall Trac bef…	>=0.7.1,<0.9.2	HIGH	7.5
CVE-2010-5108	61744	Trac 0.11.6 does not properly check workflow permissions before modif…	>0.11.5,>0.11.7	HIGH	7.5
CVE-2006-3695	53918	Trac before 0.9.6 does not disable the "raw" or "include" commands wh…	>=0,<0.9.6	MEDIUM	6.8
CVE-2009-4405	54212	Multiple unspecified vulnerabilities in Trac before 0.11.6 have unkno…	>=0,<0.11.6	HIGH	7.5
CVE-2008-5647	54038	Unspecified vulnerability in the HTML sanitizer filter in Trac before…	>=0,<0.11.2	MEDIUM	5.0
CVE-2008-5646	54211	Unspecified vulnerability in Trac before 0.11.2 allows attackers to c…	>=0,<0.11.2	HIGH	7.5
CVE-2006-5878	53919	Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10…	>=0,<0.11	HIGH	7.5
CVE-2008-3328	54037	Cross-site scripting (XSS) vulnerability in the wiki engine in Trac b…	>=0,<0.10.5	MEDIUM	4.3
CVE-2008-2951	54036	Open redirect vulnerability in the search script in Trac before 0.10.…	>=0,<0.10.5	MEDIUM	6.1
CVE-2007-1406	53966	Trac before 0.10.3.1 does not send a Content-Disposition HTTP header …	>=0,<0.10.3.1	HIGH	10.0
CVE-2007-1405	53965	Cross-site scripting (XSS) vulnerability in the "download wiki page a…	>=0,<0.10.3.1	MEDIUM	4.3
CVE-2005-4644	53871	Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in…	>=0,<0.10	MEDIUM	4.3