MidnightBSD

Advisories for cvstrac

CVE-2004-1146 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvstrac cvstrac 1.1.1
cvstrac cvstrac 1.1
cvstrac cvstrac 1.1.2
cvstrac cvstrac 1.1.4
cvstrac cvstrac 1.1.3
CVE-2004-1456 HIGH

filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvstrac cvstrac 1.1.1
cvstrac cvstrac 1.1
cvstrac cvstrac 1.1.2
cvstrac cvstrac 1.1.3