CVE-2004-0707

2004-07-27T00:00:00
ID CVE-2004-0707
Type cve
Reporter NVD
Modified 2017-07-10T21:30:24

Description

SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.