Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being...
6.8AI Score
0.009EPSS
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in...
7.6AI Score
0.032EPSS
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell...
7.6AI Score
0.004EPSS