CyberSec.Space Logo
CVEブラウザに戻る

CVE-2005-4065

HIGH
7.5
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile28.14th
Published2005年12月7日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Affected Platforms (CPE)

📦
Edgewall Software

Trac

= 0.7.1
📦
Edgewall Software

Trac

= 0.8.1
📦
Edgewall Software

Trac

= 0.8.3
📦
Edgewall Software

Trac

= 0.8.4
📦
Edgewall Software

Trac

= 0.9
📦
Edgewall Software

Trac

= 0.9.1

References & Advisories

🔗 http://lists.edgewall.com/archive/trac/2005-December/005777.html
🔗 http://projects.edgewall.com/trac/wiki/ChangeLog
🔗 http://secunia.com/advisories/17894
🔗 http://secunia.com/advisories/18555
🔗 http://securityreason.com/securityalert/222
🔗 http://www.debian.org/security/2006/dsa-951
🔗 http://www.osvdb.org/21459
🔗 http://www.securityfocus.com/bid/15720

関連する脆弱性情報

CVE-2007-140610.0

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, whic...

CVE-2019-10030678.8

Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewe...

CVE-2006-58787.5

Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized ...

CVE-2005-39807.5

SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execut...