Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 3.0.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-4538
email_in.pl in Bugzilla 2.23.4 up to and including 3.0.0 allows remote malicious users to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters.
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.6
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.9
435
VMScore
CVE-2013-1742
Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x prior to 4.0.11; 4.1.x and 4.2.x prior to 4.2.7; and 4.3.x and 4.4.x prior to 4.4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) id or (2) s...
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 4.1
Mozilla Bugzilla 4.1.2
Mozilla Bugzilla 4.1.3
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.3.3
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
1 EDB exploit
383
VMScore
CVE-2016-2803
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 up to and including 4.4.11, and 4.5.1 up to and including 5.0.2 allows remote malicious users to inject arbitrary web script or HTML.
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 4.4.11
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 4.4.7
Mozilla Bugzilla 5.0
Mozilla Bugzilla 4.4.8
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
383
VMScore
CVE-2014-1573
Bugzilla 2.x up to and including 4.0.x prior to 4.0.15, 4.1.x and 4.2.x prior to 4.2.11, 4.3.x and 4.4.x prior to 4.4.6, and 4.5.x prior to 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote malicious users to conduct cross-site sc...
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Fedoraproject Fedora 19
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
383
VMScore
CVE-2014-1546
The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x prior to 4.0.14, 4.1.x and 4.2.x prior to 4.2.10, 4.3.x and 4.4.x prior to 4.4.5, and 4.5.x prior to 4.5.5 accepts certain long callback values and does not restrict...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 4.2.5
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.4.2
383
VMScore
CVE-2012-4199
template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x prior to 3.6.12, 3.7.x and 4.0.x prior to 4.0.9, 4.1.x and 4.2.x prior to 4.2.4, and 4.3.x and 4.4.x prior to 4.4rc1 generates JavaScript function calls containing private product names or private component names in cer...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.6.4
383
VMScore
CVE-2012-1969
The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x prior to 3.6.10, 3.7.x and 4.0.x prior to 4.0.7, 4.1.x and 4.2.x prior to 4.2.2, and 4.3.x prior to 4.3.2 does not check whether an attachment is private before presenting the attachment description within a ...
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
383
VMScore
CVE-2011-3657
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when debug mode is used, allow remote malicious users to inject arbitrary web script o...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
383
VMScore
CVE-2011-2976
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, and 3.4.x prior to 3.4.12 allows remote malicious users to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.16.9
383
VMScore
CVE-2011-2379
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3, when Internet Explorer prior to 9 or Safari prior to 5....
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.6
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »