CVE-2006-5878
published 2006-11-14CVE-2006-5878: Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via…
PriorityP427high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.11%
79.4th percentile
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | trac | < trac 0.10.1-1 (sid) | trac 0.10.1-1 (sid) |
| edgewall_software | trac | <= 0.10 | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | — | — |
| edgewall_software | trac | >= 0 < 0.10.1-1 | 0.10.1-1 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
osv·2022-05-01
CVE-2006-5878 [HIGH] Edgewall Trac Cross-site request forgery (CSRF) vulnerability
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
GHSA
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
ghsa·2022-05-01
CVE-2006-5878 [HIGH] CWE-352 Edgewall Trac Cross-site request forgery (CSRF) vulnerability
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
OSV
CVE-2006-5878: Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0
osv·2006-11-14·CVSS 7.5
CVE-2006-5878 [HIGH] CVE-2006-5878: Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
Debian
CVE-2006-5878: trac - Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlie...
vendor_debian·2006·CVSS 7.5
CVE-2006-5878 [HIGH] CVE-2006-5878: trac - Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlie...
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
Scope: local
sid: resolved (fixed in 0.10.1-1)
trixie: resolved (fixed in 0.10.1-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/22789http://secunia.com/advisories/22868http://secunia.com/advisories/23357http://security.gentoo.org/glsa/glsa-200612-14.xmlhttp://trac.edgewall.org/ticket/4049http://trac.edgewall.org/wiki/ChangeLoghttp://www.debian.org/security/2006/dsa-1209http://www.vupen.com/english/advisories/2006/4422https://exchange.xforce.ibmcloud.com/vulnerabilities/30146http://secunia.com/advisories/22789http://secunia.com/advisories/22868http://secunia.com/advisories/23357http://security.gentoo.org/glsa/glsa-200612-14.xmlhttp://trac.edgewall.org/ticket/4049http://trac.edgewall.org/wiki/ChangeLoghttp://www.debian.org/security/2006/dsa-1209http://www.vupen.com/english/advisories/2006/4422https://exchange.xforce.ibmcloud.com/vulnerabilities/30146
2006-11-14
Published