CVE-2003-1042

2004-06-0304:00:00

mitre

www.cve.org

AI Score

7.8

Confidence

Low

EPSS

0.003

Percentile

70.7%

JSON

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

References

bugzilla.mozilla.org/show_bug.cgi?id=214290

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774

www.securityfocus.com/archive/1/343185

www.securityfocus.com/bid/8953

exchange.xforce.ibmcloud.com/vulnerabilities/13594