SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Target  >  Bugzilla

Feb 19 2018   Bugzilla Access Control Flaw in 'report.cgi' Lets Remote Users Conduct Cross-Site Request Forgery Attacks
May 17 2016   Bugzilla Input Validation Flaw in Dependency Graph Bug Summary Lets Remote Conduct Cross-Site Scripting Attacks
Jan 4 2016   Bugzilla Lets Remote Users Obtain Potentially Sensitive Information and Conduct Cross-Site Scripting Attacks
Sep 11 2015   Bugzilla Account Creation Username Truncation Lets Remote Users Gain Elevated Privileges
Oct 8 2014   Bugzilla Bugs Let Remote Users Create Unauthorized, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information
Jul 25 2014   Bugzilla Input Validation Flaw in JSONP Endpoint Permits Cross-Site Request Forgery Attacks
Apr 21 2014   Bugzilla Input Validation Flaw Permits Cross-Site Request Forgery Attacks
Oct 17 2013   Bugzilla Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks
Nov 15 2012   Bugzilla Flaws Permit Cross-Site Scripting and Information Disclosure Attacks
Jul 27 2012   Bugzilla May Disclose Confidential Information to Remote Users
Feb 23 2012   Bugzilla Input Validation Flaw in XML-RPC API Permits Cross-Site Request Forgery Attacks
Feb 1 2012   Bugzilla Bugs Permit Remote Cross-Site Request Forgery and Remote Authenticated Account Impersonation Attacks
Dec 30 2011   Bugzilla Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks and Let Remote Users Create Acounts
Aug 5 2011   Bugzilla Permits Cross-Site Scripting and Information Disclosure Attacks
Nov 4 2010   Bugzilla Permits Cross-Site Scripting and HTTP Response Splitting Attacks and Discloses Certain Information to Remote Users
Sep 14 2009   Bugzilla Input Validation Flaw in Bug.search and Bug.create WebService Functions Lets Remote Users Inject SQL Commands
Sep 14 2009   Bugzilla May Display the User's Password in the Browser URL
Aug 4 2009   Bugzilla Discloses Product Names to Remote Authenticated Users
Mar 31 2009   Bugzilla Input Validation Flaw in Attachment Editing Permits Cross-Site Request Forgery Attacks
Feb 4 2009   Bugzilla Randomization Bug Lets Remote Users Bypass Cross-Site Request Forgery Protections
Feb 4 2009   Bugzilla Command Validation Flaws Permit Cross-Site Request Forgery Attacks
Feb 4 2009   Bugzilla Attachment Feature Lets Remote Users Conduct Cross-Site Scripting Attacks
Aug 12 2008   Bugzilla 'importxml.pl' with '--attach_path' Option Lets Users Attach Local Files
May 6 2008   Bugzilla 'email_in.pl' May Let Remote Authenticated Users Bypass Security Checks
May 6 2008   Bugzilla XML-RPC Interface Bug Lets Remote Users Create Confirmed Bugs
May 6 2008   Bugzilla Input Validation Hole in 'Format for Printing' View 'id' Parameter Permits Cross-Site Scripting Attacks
Sep 20 2007   Bugzilla WebService Lets Remote Users Create Accounts
Aug 24 2007   Bugzilla Bugs Let Remote Users Inject Commands, Obtain Restricted Information, and Conduct Cross-Site Scripting Attacks
Feb 5 2007   Bugzilla Input Validation Flaw in Atom Feeds Permits Cross-Site Scripting Attacks and Access Control Bug May Disclose Database Password
Oct 16 2006   Bugzilla Discloses Attachment Description and 'Deadline' Field to Remote Users
Oct 16 2006   Bugzilla Input Validation Holes Permit Cross-Site Scripting Attacks
Dec 27 2005   Bugzilla 'syncshadowdb' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
Jul 8 2005   Bugzilla Lets Remote Users Modify Flags and May Disclose Private Bug Summaries to Remote Users
Nov 23 2004   (Conectiva Issues Fix) Bugzilla Lets Remote Users Delete Keywords and May Disclose Private Information
Oct 25 2004   Bugzilla Lets Remote Users Delete Keywords and May Disclose Private Information
Jul 13 2004   Bugzilla Has Several Bugs, Permitting Privilege Escalation, SQL Injection, and Cross-Site Scripting Attacks
Nov 10 2003   Bugzilla Javascript Buglists May Disclose Restricted Data to Remote Users
Nov 5 2003   (Conectiva Issues Fix) Bugzilla May Disclose Data Summaries to Remote Users and Let Privileged Authenticated Users Execute Arbitrary SQL Commands
Nov 3 2003   Bugzilla May Disclose Data Summaries to Remote Users and Let Privileged Authenticated Users Execute Arbitrary SQL Commands
May 23 2003   (Conectiva Issues Fix) Bugzilla Insecure Temporary File Processing May Let Local Users Gain Elevated Privileges
Apr 26 2003   Bugzilla Insecure Temporary File Processing May Let Local Users Gain Elevated Privileges
Jan 16 2003   (Debian Issues Fix) Bugzilla Bug Tracking System Default '.htaccess' Configuration May Disclose the Underlying Database Password to Remote Users
Jan 2 2003   Bugzilla Bug Tracking System Default '.htaccess' Configuration May Disclose the Underlying Database Password to Remote Users
Jan 2 2003   (Debian Issues Fix) Bugzilla Input Validation Hole in 'quips' Feature Lets Remote Users Conduct Cross-Site Scripting Attacks
Nov 27 2002   Bugzilla Input Validation Hole in 'quips' Feature Lets Remote Users Conduct Cross-Site Scripting Attacks
Oct 3 2002   Bugzilla Bug Tracking Input Validation Errors Let Remote Users Execute SQL Commands on the System
Aug 22 2002   (Red Hat Issues Fix for Powertools) Re: Bugzilla Bug Tracking System Has a Variety of Bugs Including Cross-Site Scripting Flaws and Access Control Errors
Jun 8 2002   Bugzilla Bug Tracking System Has a Variety of Bugs Including Cross-Site Scripting Flaws and Access Control Errors
Jan 15 2002   (Red Hat Issues Fix) Multiple Bugs in the Bugzilla Bug Tracking System Let Remote Users Access Other User Accounts, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary SQL Commands on the Server
Jan 6 2002   Multiple Bugs in the Bugzilla Bug Tracking System Let Remote Users Access Other User Accounts, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary SQL Commands on the Server
Sep 11 2001   (Red Hat Issues Fix) Bugzilla Bug Tracking Software Contains Multiple Vulnerabilities - Disclosing Confidential Data to Remote Users and Executing Arbitrary Code on the Server
Aug 31 2001   Bugzilla Bug Tracking Software Contains Multiple Vulnerabilities - Disclosing Confidential Data to Remote Users and Executing Arbitrary Code on the Server
May 1 2001   Bugzilla Web-Based Software Bug Tracking Tool Allows Remote Users to Execute Arbitrary Shell Commands on the Server







Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC