CVE-2001-0330

2001-09-1804:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

JSON

Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.

References

www.atstake.com/research/advisories/2001/a043001-1.txt

www.securityfocus.com/bid/2671

exchange.xforce.ibmcloud.com/vulnerabilities/6489