Vulnerabilities > Edgewall Software > High

DATE CVE VULNERABILITY TITLE RISK
2006-11-14 CVE-2006-5878 Cross-Site Request Forgery vulnerability in Trac
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
network
low complexity
edgewall-software
7.5
2005-12-07 CVE-2005-4065 SQL Injection vulnerability in Edgewall Software Trac Search Module
SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
edgewall-software
7.5
2005-12-04 CVE-2005-3980 Unspecified vulnerability in Edgewall Software Trac
SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter.
network
low complexity
edgewall-software
7.5