exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2006-3695

больше 19 лет назад

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.

CVSS2: 6.8

EPSS: Низкий

CVE-2006-3695

больше 19 лет назад

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.

CVSS2: 6.8

EPSS: Низкий

CVE-2006-3695

больше 19 лет назад

Trac before 0.9.6 does not disable the "raw" or "include" commands whe ...

CVSS2: 6.8

EPSS: Низкий

GHSA-r524-c2gf-5chr

больше 3 лет назад

Trac reStructuredText breach of privacy and denial of service vulnerability

CVSS3: 9.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2006-3695 Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.	CVSS2: 6.8	3% Низкий	больше 19 лет назад
CVE-2006-3695 Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.	CVSS2: 6.8	3% Низкий	больше 19 лет назад
CVE-2006-3695 Trac before 0.9.6 does not disable the "raw" or "include" commands whe ...	CVSS2: 6.8	3% Низкий	больше 19 лет назад
GHSA-r524-c2gf-5chr Trac reStructuredText breach of privacy and denial of service vulnerability	CVSS3: 9.4	3% Низкий	больше 3 лет назад

Уязвимостей на страницу