VYPR
Vendor

Cvstrac

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2004-1456Dec 31, 2004
    risk 0.04cvss epss 0.14

    filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo.

  • CVE-2007-0347Jan 29, 2007
    risk 0.03cvss epss 0.04

    The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service (database error) via a ' character in certain messages,…

  • CVE-2004-1146Dec 31, 2004
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script.