### [CVE-2011-10013](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-10013)
![](https://img.shields.io/static/v1?label=Product&message=Issue%20Tracking%20System&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306%20Missing%20Authentication%20for%20Critical%20Function&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brightgreen)

### Description

Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.

### POC

#### Reference
- https://www.exploit-db.com/exploits/18213
- https://www.exploit-db.com/exploits/18239
- https://www.vulncheck.com/advisories/traq-issue-tracking-system-rce

#### Github
No PoCs found on GitHub currently.