12 matches found
EUVD-2009-0486
Malware in sbrugna...
EUVD-2004-1627
Malware in sbrugna...
Mozilla Bugzilla 2.4/2.6/2.8/2.10 Remote Arbitrary Command Execution
No description provided by source. Source: http://www.securityfocus.com/bid/1199/info. Bugzilla is a web-based bug-tracking system based on Perl and MySQL. It allows people to submit bugs and catalogs them. Bugzilla is prone to a vulnerability which may allow remote users to execute arbitrary...
CVE-2009-0482
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi...
CVE-2009-0482
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi...
Bugzilla remote arbitrary command execution
The remote Bugzilla bug tracking system, according to its version number, is vulnerable to arbitrary command execution flaws due to a lack of sanitization of user-supplied data in process_bug.cgi. SPDX-FileCopyrightText: 2004 David Maciejak. Some text descriptions might be excerpted from a referenc...
CVE-2005-2173
Bugzilla CVE-2005-2173 affects versions 2.17.1–2.18.1 and 2.19.1–2.19.3, where Flag::validate and Flag::modify do not verify that the flag ID matches the target bug or attachment. This permits changing flags on arbitrary bugs and obtaining a bug summary via process_bug.cgi, exposing information. ...
CVE-2004-1633
The CVE-2004-1633 issue affects Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS, where process_bug.cgi does not enforce edit permissions on the keywords field. An authenticated remote user can modify a bug’s keywords via the keywordaction parameter. The connection documents confirm the vulnerable ...
CVE-2001-1406
CVE-2001-1406 affects Bugzilla prior to 2.14. The vulnerability occurs when moving a bug between product groups, where the groupset flag is not updated, causing the bug to retain the old group’s (potentially less stringent) restrictions. This is a local issue with low public impact per the CVSS v...
CVE-2001-1402
Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bugid, and user...
CVE-2000-0421
The CVE-2000-0421 entry corresponds to a vulnerability in Bugzilla where the process_bug.cgi script fails to sanitize user-supplied data, enabling remote arbitrary command execution. Technical documentation from connected sources confirms this flaw affects Bugzilla’s remote command execution via ...
CVE-2000-0421
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters...