CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname...

6.7AI score0.00552EPSS

Exploits0References6

Cvelist•added 2002/08/31 4:0 a.m.•17 views

CVE-2001-1403

Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar...

6.8AI score0.00527EPSS

Exploits0References3

Cvelist•added 2002/07/31 4:0 a.m.•14 views

CVE-2002-0803

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi...

6.7AI score0.01395EPSS

Exploits0References6

NVD•added 2001/09/10 4:0 a.m.•18 views

CVE-2001-1404

Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges...

7.5CVSS6.9AI score0.00527EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by