Exploit for PHP Remote File Inclusion in Synacor Zimbra_Collaboration_Suite

CVE-2025-68645 - Zimbra Path Traversal Vulnerability !Secur...

EUVD-2010-0211

Malware in sbrugna...

FreeBSD : bugzilla -- information disclosure (f1331504-8849-11df-89b8-00151735203a)

A Bugzilla Security Advisory reports : - Normally, information about time-tracking estimated hours, actual hours, hours worked, and deadlines is restricted to users in the 'time-tracking group'. However, any user was able, by crafting their own search URL, to search for bugs based using those...

CVE-2010-0180

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when usesuexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the sitewidesecret field...

CVE-2010-0180

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when usesuexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the sitewidesecret field...

CVE-2010-0180

Bugzilla localconfig information disclosure (CVE-2010-0180) affects Bugzilla 3.5.1–3.6.1 and 3.7.x when use_suexec is enabled. World-readable permissions on localconfig can allow local users to read sensitive fields (e.g., database password, site_wide_secret). Related CVEs (CVE-2010-2470) note si...

CVE-2010-0180

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when usesuexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the sitewidesecret field...

Mozilla Bugzilla localconfig文件信息泄露漏洞

BUGTRAQ ID: 41144 CVE ID: CVE-2010-0180 Bugzilla是很多软件项目都在使用的基于Web的BUG跟踪系统。 如果在localconfig文件中将$usesuexec设置为1，则localconfig文件的权限就会被设置为checksetup.pl完全可读，这允许所有拥有本地shell访问的用户都可以查看文件内容，包括数据库口令和用于防范CSRF的sitewidesecret变量。 Mozilla Bugzilla 3.x Mozilla Bugzilla 2.x 厂商补丁： Mozilla -------...

bugzilla -- information disclosure

A Bugzilla Security Advisory reports: Normally, information about time-tracking estimated hours, actual hours, hours worked, and deadlines is restricted to users in the "time-tracking group". However, any user was able, by crafting their own search URL, to search for bugs based using those fields...