3 matches found
CVE-2001-0329
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by 1 the Bugzillalogin cookie in postbug.cgi, or 2 the who parameter in processbug.cgi...
CVE-2001-0329
Bugzilla 2.10 is vulnerable to remote arbitrary command execution via shell metacharacters in a username, processed by (1) the Bugzilla_login cookie in post_bug.cgi or (2) the who parameter in process_bug.cgi. The root cause is lack of input sanitization in the CGI workflow, enabling an attacker ...
CVE-2001-0329
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by 1 the Bugzillalogin cookie in postbug.cgi, or 2 the who parameter in processbug.cgi...