VYPR
Vendor

Traptitech

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2011-10013CriAug 13, 2025
    risk 0.74cvss epss 0.01

    Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be…

  • CVE-2025-57813MedAug 26, 2025
    risk 0.31cvss 5.9epss 0.00

    traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could…

  • CVE-2018-20779Feb 11, 2019
    risk 0.00cvss epss 0.02

    Traq 3.7.1 allows SQL Injection via a tickets?search= URI.

  • CVE-2018-20780Feb 11, 2019
    risk 0.00cvss epss 0.01

    Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1).