← Back

Traq

traq

Vendor: Traq • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-20780
1Traq
1Traq
Nov 21, 2024
Feb 11, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1).
CVE-2018-20779
1Traq
1Traq
Nov 21, 2024
Feb 11, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Traq 3.7.1 allows SQL Injection via a tickets?search= URI.