Unrated severityNVD Advisory· Published Dec 4, 2005· Updated Apr 16, 2026
CVE-2005-3980
CVE-2005-3980
Description
SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter.
Affected products
15cpe:2.3:a:edgewall_software:trac:0.50.9:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:edgewall_software:trac:0.50.9:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9b1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9b2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- secunia.com/advisories/17836/nvdPatchVendor Advisory
- securitytracker.com/idnvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/15676/nvdExploitPatch
- projects.edgewall.com/trac/wiki/ChangeLognvd
- www.osvdb.org/21386nvd
- www.securityfocus.com/archive/1/418294/100/0/threadednvd
- www.vupen.com/english/advisories/2005/2701nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/23461nvd
News mentions
0No linked articles in our index yet.