Lucene search
HistoryAug 18, 2004 - 4:00 a.m.
CVE-2003-1043
cve-2003-1043
bugzilla
sql injection
vulnerability
nvd
editkeywords privileges
editkeywords.cgi
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.
Affected configurations
Node
mozillabugzillaMatch2.4
ORmozillabugzillaMatch2.6
ORmozillabugzillaMatch2.8
ORmozillabugzillaMatch2.10
ORmozillabugzillaMatch2.12
ORmozillabugzillaMatch2.14
ORmozillabugzillaMatch2.14.1
ORmozillabugzillaMatch2.14.2
ORmozillabugzillaMatch2.14.3
ORmozillabugzillaMatch2.14.4
ORmozillabugzillaMatch2.14.5
ORmozillabugzillaMatch2.16
ORmozillabugzillaMatch2.16.1
ORmozillabugzillaMatch2.16.2
ORmozillabugzillaMatch2.16.3
ORmozillabugzillaMatch2.17.1
ORmozillabugzillaMatch2.17.3
ORmozillabugzillaMatch2.17.4
Related
nvd
nvd
CVE-2003-1043
2004-08-18 04:00:00
cvelist
cvelist
CVE-2003-1043
2004-06-03 04:00:00
nessus
nessus
Bugzilla < 2.16.4 / 2.17.5 Multiple Vulnerabilities (SQLi, ID)
2003-11-05 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
Related for CVE-2003-1043