Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-01-10T05:00:00
Updated: 2005-07-03T00:00:00
Reserved: 2002-01-09T00:00:00
Link: CVE-2002-0010
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-01-31T05:00:00.000
Modified: 2008-09-10T19:11:03.070
Link: CVE-2002-0010
JSON object: View
Redhat Information
No data.
CWE