CVE-2001-0330

2001-09-1804:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.009

Percentile

82.6%

JSON

Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.

References

www.atstake.com/research/advisories/2001/a043001-1.txt

www.securityfocus.com/bid/2671

exchange.xforce.ibmcloud.com/vulnerabilities/6489