2 matches found
CVE-2001-0330
Bugzilla 2.10 contains a vulnerability where a remote attacker can access the database username and password by requesting the globals.pl file, which is served as plain text by the web server. The issue arises from exposing sensitive configuration data in a Perl CGI file. A fix is available in Bu...
CVE-2001-0330
Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed...