Mozilla : Security Vulnerabilities, CVEs, Published In 2009 (Sql injection)
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Max CVSS
7.5
EPSS Score
0.14%
Published
2009-09-15
Updated
2009-09-16
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Max CVSS
7.5
EPSS Score
0.14%
Published
2009-09-15
Updated
2009-09-16
2 vulnerabilities found