Lucene search
K
MozillaBonsai

4 matches found

CVE
CVE
added 2003/03/26 5:0 a.m.65 views

CVE-2003-0152

CVE-2003-0152 concerns the Bonsai Mozilla CVS query tool CGI, allowing remote execution of arbitrary commands as www-data. Public records (Debian DSA-265) show fixes in Bonsai updates (e.g., bonsai 1.3+cvs20020224-1woody1 for woody; later fixes for sid). OpenVAS/Nessus entries corroborate multipl...

7.5CVSS7.4AI score0.02367EPSS
CVE
CVE
added 2003/03/26 5:0 a.m.62 views

CVE-2003-0153

CVE-2003-0153 affects the bonsai Mozilla CVS query tool. The vulnerability is an absolute path disclosure exposed in error messages generated by cvslog.cgi, cvsview2.cgi, and multidiff.cgi. Connected records confirm Debian advisory DSA-265-1 documents the issue and notes a missing update; OpenVAS...

5CVSS6.3AI score0.05668EPSS
CVE
CVE
added 2003/03/26 5:0 a.m.60 views

CVE-2003-0154

CVE-2003-0154 affects the Bonsai Mozilla CVS query tool (CGI suite) used to browse CVS repositories. The vulnerability is a cross-site scripting (XSS) flaw that can be triggered via multiple parameters: cvslog.cgi (file, root, rev), cvsblame.cgi (file, root), cvsquery.cgi (various), showcheckins....

6.8CVSS6.5AI score0.04593EPSS
CVE
CVE
added 2003/03/26 5:0 a.m.54 views

CVE-2003-0155

CVE-2003-0155 affects bonsai, the Mozilla CVS query tool. It allows remote attackers to access the parameters page without authentication, exposing configuration parameters. CVSS v2 base score is 5.0 (medium) with Network attack vector, low attack complexity, no authentication required, and parti...

5CVSS6.7AI score0.0177EPSS