2 matches found
CVE-2004-0707
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL...
CVE-2004-0707
CVE-2004-0707 describes an SQL injection in Bugzilla’s editusers.cgi. The issue affects Bugzilla 2.16.x before 2.16.6 and 2.18 before 2.18rc1, allowing remote attackers with privileges to grant membership to any group to execute arbitrary SQL. The connected information confirms the vulnerable com...