Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 3.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3125
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 up to and including 3.4.1, and 3.5, allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
NA
CVE-2009-3166
token.cgi in Bugzilla 3.4rc1 up to and including 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent malicious users to discover passwords by reading (1) web-server access logs, (2) we...
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4
NA
CVE-2009-3386
Template.pm in Bugzilla 3.3.2 up to and including 3.4.3 and 3.5 up to and including 3.5.1 allows remote malicious users to discover the alias of a private bug by reading the (1) Depends On or (2) Blocks field of a related bug.
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
NA
CVE-2009-3387
Bugzilla 3.3.1 up to and including 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote malicious users to obtain sensitive information via a request for a bug in oppo...
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.3.1
NA
CVE-2009-3165
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 up to and including 3.0.8, 3.1.1 up to and including 3.2.4, and 3.3.1 up to and including 3.4.1 allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.1.4
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.2.2
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.0.8
NA
CVE-2010-1204
Search.pm in Bugzilla 2.17.1 up to and including 3.2.6, 3.3.1 up to and including 3.4.6, 3.5.1 up to and including 3.6, and 3.7 allows remote malicious users to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart searc...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.0.6
NA
CVE-2011-2380
Bugzilla 2.23.3 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3 allows remote malicious users to determine the existence of private group names via a crafted par...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.9
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4.10
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.11
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.6.1
NA
CVE-2011-2976
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, and 3.4.x prior to 3.4.12 allows remote malicious users to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.16.9
NA
CVE-2011-2381
CRLF injection vulnerability in Bugzilla 2.17.1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3 allows remote malicious users to inject arbitrary e-mail headers ...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.19.1
NA
CVE-2010-4567
Bugzilla prior to 3.2.10, 3.4.x prior to 3.4.10, 3.6.x prior to 3.6.4, and 4.0.x prior to 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via the URL (aka bu...
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »