Vulnerabilities > Edgewall

DATE CVE VULNERABILITY TITLE RISK
2019-11-13 CVE-2010-5108 Incorrect Default Permissions vulnerability in multiple products
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket.
network
low complexity
edgewall debian CWE-276
5.0
2009-12-23 CVE-2009-4405 Remote Security vulnerability in Trac
Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."
network
low complexity
edgewall
7.5
2009-06-22 CVE-2009-2144 SQL Injection vulnerability in multiple products
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
edgewall firestats wordpress CWE-89
7.5
2008-07-27 CVE-2008-2951 Open Redirect vulnerability in multiple products
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.
network
low complexity
edgewall fedoraproject CWE-601
6.1