CVE-2005-3980

HIGH

7.5

CVSS Severity Score

EPSS Score0.1370%

EPSS Percentile9.06th

PublishedDec 4, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter.

Affected Platforms (CPE)

📦

Edgewall Software

Trac

= 0.5.1

📦

Edgewall Software

Trac

= 0.5.2

📦

Edgewall Software

Trac

= 0.6

📦

Edgewall Software

Trac

= 0.6.1

📦

Edgewall Software

Trac

= 0.7

📦

Edgewall Software

Trac

= 0.7.1

📦

Edgewall Software

Trac

= 0.8

📦

Edgewall Software

Trac

= 0.8.1

📦

Edgewall Software

Trac

= 0.8.2

📦

Edgewall Software

Trac

= 0.8.3

📦

Edgewall Software

Trac

= 0.8.4

📦

Edgewall Software

Trac

= 0.9

📦

Edgewall Software

Trac

= 0.9b1

📦

Edgewall Software

Trac

= 0.9b2

📦

Edgewall Software

Trac

= 0.50.9

References & Advisories

🔗 http://projects.edgewall.com/trac/wiki/ChangeLog

🔗 http://secunia.com/advisories/17836/

🔗 http://securitytracker.com/id?1015302

🔗 http://www.osvdb.org/21386

🔗 http://www.securityfocus.com/archive/1/418294/100/0/threaded

🔗 http://www.securityfocus.com/bid/15676/

🔗 http://www.vupen.com/english/advisories/2005/2701

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/23461

Vulnerability Description

Affected Platforms (CPE)

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

Trac

References & Advisories

Related Vulnerabilities