IDCVSSSummaryLast (major) updatePublished
CVE-2007-0347 4.3
The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service (database error) via a ' cha
16-10-2018 - 16:32 29-01-2007 - 20:28
CVE-2004-1146 4.3
Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script.
11-07-2017 - 01:30 31-12-2004 - 05:00
CVE-2004-1456 7.5
filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo.
11-07-2017 - 01:31 31-12-2004 - 05:00
Back to Top Mark selected
Back to Top