Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.16.2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2003-0013
The default .htaccess scripts for Bugzilla 2.14.x prior to 2.14.5, 2.16.x prior to 2.16.2, and 2.17.x prior to 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote malicious users to ob...
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.16
605
VMScore
CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x prior to 4.0.11; 4.1.x and 4.2.x prior to 4.2.7; and 4.3.x and 4.4.x prior to 4.4.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that co...
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.1
605
VMScore
CVE-2011-3669
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that upload attachments.
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.23
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.6\\+
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
605
VMScore
CVE-2011-3667
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account se...
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.0.9
Mozilla Bugzilla 3.2.10
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.4.12
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.9
605
VMScore
CVE-2011-3668
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that create bug reports.
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.9
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.19.2
605
VMScore
CVE-2011-0046
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla prior to 3.2.10, 3.4.x prior to 3.4.10, 3.6.x prior to 3.6.4, and 4.0.x prior to 4.0rc2 allow remote malicious users to hijack the authentication of arbitrary users for requests related to (1) adding a saved s...
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.2
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 4.0
Mozilla Bugzilla 2.19
605
VMScore
CVE-2003-0602
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x prior to 2.16.3 and 2.17.x prior to 2.17.4 allow remote malicious users to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA ...
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.17.1
516
VMScore
CVE-2009-0483
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 prior to 2.22.7, 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote malicious users to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cg...
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.18.7
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.22
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.4
516
VMScore
CVE-2009-0482
Cross-site request forgery (CSRF) vulnerability in Bugzilla prior to 3.2 prior to 3.2.1, 3.3 prior to 3.3.2, and other versions prior to 3.2 allows remote malicious users to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.2
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
445
VMScore
CVE-2014-1572
The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x up to and including 4.0.x prior to 4.0.15, 4.1.x and 4.2.x prior to 4.2.11, 4.3.x and 4.4.x prior to 4.4.6, and 4.5.x prior to 4.5.6 does not specify a scalar context for the realname...
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Fedoraproject Fedora 21
Mozilla Bugzilla 4.5.5
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.4.2
Mozilla Bugzilla 4.4.3
Mozilla Bugzilla 4.2.2
Mozilla Bugzilla 4.2.3
Mozilla Bugzilla 4.2.10
Mozilla Bugzilla 4.1
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 4.5.3
Mozilla Bugzilla 4.5.4
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.0.12
Mozilla Bugzilla 4.0.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »