EUVD-2002-0801

Malware in sbrugna...

CVE-2009-0484

Cross-site request forgery CSRF vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi...

CVE-2009-0484

Cross-site request forgery CSRF vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi...

CVE-2009-0484

CVE-2009-0484 is a CSRF vulnerability in Bugzilla that allows remote attackers to delete shared or saved searches via a crafted link or IMG tag to buglist.cgi. Affected are Bugzilla 3.0.x before 3.0.7, 3.2.x before 3.2.1, and 3.3.x before 3.3.2. The underlying issue is cross-site request forgery ...

CVE-2005-2174

CVE-2005-2174 concerns Bugzilla where Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 insert bugs before they are private, enabling a race condition that can expose bug details via buglist.cgi before MySQL replication completes. Connected references corroborate the flaw and i...

CVE-2005-2174

Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete...

CVE-2001-1402

Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting CSS and possibly SQL injection attacks on 1 the product or output form variables for reports.cgi, 2 the voteon, bugid, and user...