Vulnerabilities > Edgewall Software > Trac > 0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-27 | CVE-2008-3328 | Cross-Site Scripting vulnerability in Edgewall Software Trac Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2006-11-14 | CVE-2006-5878 | Cross-Site Request Forgery vulnerability in Trac Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors. | 7.5 |
2005-06-19 | CVE-2005-2007 | Directory Traversal vulnerability in Trac Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. | 6.4 |