CVE-2005-2007

EPSS 1.3%

Published: 6/19/2005Modified: 4/28/2026

Description

Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts.

Affected packages (1)

Debian/tracfrom 0, < 0.8.4-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2007