Bugtracker.net: >> Bugtracker.net Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to inject arbitrary web script or HTML via an arbitrary custom text field.
CVSS Score
4.3
EPSS Score
0.003
Published
2008-01-17
Multiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.
CVSS Score
4.3
EPSS Score
0.001
Published
2008-01-17
Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2005-05-02