CyberSec.Space Logo
Back to CVE Browser

CVE-2005-4065

HIGH
7.5
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile28.14th
PublishedDec 7, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Affected Platforms (CPE)

πŸ“¦
Edgewall Software

Trac

= 0.7.1
πŸ“¦
Edgewall Software

Trac

= 0.8.1
πŸ“¦
Edgewall Software

Trac

= 0.8.3
πŸ“¦
Edgewall Software

Trac

= 0.8.4
πŸ“¦
Edgewall Software

Trac

= 0.9
πŸ“¦
Edgewall Software

Trac

= 0.9.1

References & Advisories

πŸ”— http://lists.edgewall.com/archive/trac/2005-December/005777.html
πŸ”— http://projects.edgewall.com/trac/wiki/ChangeLog
πŸ”— http://secunia.com/advisories/17894
πŸ”— http://secunia.com/advisories/18555
πŸ”— http://securityreason.com/securityalert/222
πŸ”— http://www.debian.org/security/2006/dsa-951
πŸ”— http://www.osvdb.org/21459
πŸ”— http://www.securityfocus.com/bid/15720

Related Vulnerabilities

CVE-2007-140610.0

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, whic...

CVE-2019-10030678.8

Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewe...

CVE-2006-58787.5

Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized ...

CVE-2005-39807.5

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execut...