10
CVE-2003-1042
- EPSS 2.57%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.57% | 0.831 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://bugzilla.mozilla.org/show_bug.cgi?id=214290
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774
http://www.securityfocus.com/archive/1/343185
http://www.securityfocus.com/bid/8953
https://exchange.xforce.ibmcloud.com/vulnerabilities/13594