Описание
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0913
- https://bugzilla.mozilla.org/show_bug.cgi?id=312498
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24819
- http://secunia.com/advisories/18979
- http://www.osvdb.org/23378
- http://www.securityfocus.com/archive/1/425584/100/0/threaded
- http://www.securityfocus.com/bid/16738
- http://www.vupen.com/english/advisories/2006/0692
EPSS
CVE ID
Связанные уязвимости
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through ...
EPSS