7.5
CVE-2005-3980
- EPSS 3.26%
- Veröffentlicht 04.12.2005 11:03:00
- Zuletzt bearbeitet 16.06.2026 22:18:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Edgewall Software ≫ Trac Version0.5.1
Edgewall Software ≫ Trac Version0.5.2
Edgewall Software ≫ Trac Version0.6
Edgewall Software ≫ Trac Version0.6.1
Edgewall Software ≫ Trac Version0.7
Edgewall Software ≫ Trac Version0.7.1
Edgewall Software ≫ Trac Version0.8
Edgewall Software ≫ Trac Version0.8.1
Edgewall Software ≫ Trac Version0.8.2
Edgewall Software ≫ Trac Version0.8.3
Edgewall Software ≫ Trac Version0.8.4
Edgewall Software ≫ Trac Version0.9
Edgewall Software ≫ Trac Version0.9b1
Edgewall Software ≫ Trac Version0.9b2
Edgewall Software ≫ Trac Version0.50.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.26% | 0.868 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://projects.edgewall.com/trac/wiki/ChangeLog
http://secunia.com/advisories/17836/
http://securitytracker.com/id?1015302
http://www.osvdb.org/21386
http://www.securityfocus.com/archive/1/418294/100/0/threaded
http://www.securityfocus.com/bid/15676/
http://www.vupen.com/english/advisories/2005/2701
https://exchange.xforce.ibmcloud.com/vulnerabilities/23461