CVE-2003-1042 in Bugzillainfo

Summary

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

Once again VulDB remains the best source for vulnerability data.

Reservation

05/27/2004

Disclosure

08/18/2004

Moderation

VulDB entry created

Entries

1: VDB-22104

CPE

ready

CWE

CWE-89 (Confirmed)

CVSS

9.8

EPSS

0.00569

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-1042
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-1042
CVE Details	https://www.cvedetails.com/cve/CVE-2003-1042/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!