Filter
AND

Mozilla BugzillaCSRF

medium
6.8
First published (updated )
CVE-2013-1734

Mozilla BugzillaBugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and…

medium
5
First published (updated )
CVE-2012-4747

Mozilla Bugzillaprocess_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between …

low
2.1
First published (updated )
CVE-2001-1406

Mozilla BugzillaBugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause …

low
2.1
First published (updated )
CVE-2001-1405

Mozilla BugzillaBugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email mess…

high
7.5
First published (updated )
CVE-2001-1404

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mozilla BugzillaBugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the d…

high
7.5
First published (updated )
CVE-2001-1407

Mozilla BugzillaBugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain…

high
7.5
First published (updated )
CVE-2001-1403

Mozilla BugzillaSQL Injection

high
7.5
First published (updated )
CVE-2001-1402

Mozilla BugzillaBugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzi…

high
7.5
First published (updated )
CVE-2001-1401

Mozilla BugzillaBugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a us…

high
7.5
First published (updated )
CVE-2001-0329

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mozilla BugzillaBugzilla 2.10 allows remote attackers to access sensitive information, including the database userna…

high
7.5
First published (updated )
CVE-2001-0330

Mozilla Bugzillaeditproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly rem…

high
7.5
First published (updated )
CVE-2003-1044

Mozilla Bugzillavotes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read…

medium
5
First published (updated )
CVE-2003-1045

Mozilla BugzillaSQL Injection

critical
10
First published (updated )
CVE-2003-1042

Mozilla BugzillaSQL Injection

critical
10
First published (updated )
CVE-2003-1043

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mozilla Bugzilladescribecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when …

high
7.5
First published (updated )
CVE-2003-1046

Mozilla Bugzillashow_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup featu…

medium
5
First published (updated )
CVE-2004-1634

Mozilla BugzillaBugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the insidergroup feature, does not suf…

medium
5
First published (updated )
CVE-2004-1635

Mozilla BugzillaUnknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.…

medium
5
First published (updated )
CVE-2004-0704

Mozilla BugzillaBugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to…

low
2.1
First published (updated )
CVE-2004-0706

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mozilla BugzillaDBI in Bugzilla 2.17.1 through 2.17.7 displays the database password in an error message when the SQ…

medium
5
First published (updated )
CVE-2004-0702

Mozilla BugzillaUnknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users …

high
7.5
First published (updated )
CVE-2004-0703

Mozilla BugzillaXSS

medium
6.8
First published (updated )
CVE-2004-0705

Mozilla BugzillaSQL Injection

high
7.5
First published (updated )
CVE-2004-0707

Mozilla Bugzillaemail_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands v…

medium
5
First published (updated )
CVE-2007-4538

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mozilla BugzillaThe WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 does not enforce permissions for…

medium
5
First published (updated )
CVE-2007-4539

Mozilla BugzillaPath Traversal

high
7.1
First published (updated )
CVE-2008-4437

Mozilla Bugzillaemail_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before 3.1.4 allows remote authenticat…

low
3.5
First published (updated )
CVE-2008-2105

Mozilla BugzillaBugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x before 3.5.3 does not bloc…

medium
4.3
First published (updated )
CVE-2009-3989

Mozilla BugzillaCode Injection, CRLF Injection

low
2.6
First published (updated )
CVE-2010-3172

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203