Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.22.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5455
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla prior to 2.22.1 and 2.23.x prior to 2.23.3 allows user-assisted remote malicious users to create, modify, or delete arbitrary bug reports via a crafted URL.
Mozilla Bugzilla
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23
NA
CVE-2011-3668
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that create bug reports.
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
NA
CVE-2011-3669
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that upload attachments.
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
NA
CVE-2011-3667
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account se...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
NA
CVE-2011-3657
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when debug mode is used, allow remote malicious users to inject arbitrary web script o...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
NA
CVE-2012-1969
The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x prior to 3.6.10, 3.7.x and 4.0.x prior to 4.0.7, 4.1.x and 4.2.x prior to 4.2.2, and 4.3.x prior to 4.3.2 does not check whether an attachment is private before presenting the attachment description within a ...
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
NA
CVE-2012-3981
Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x prior to 3.6.11, 3.7.x and 4.0.x prior to 4.0.8, 4.1.x and 4.2.x prior to 4.2.3, and 4.3.x prior to 4.3.3 does not restrict the characters in a username, which might allow remote malicious users to inject data into an LDAP directory via...
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
NA
CVE-2012-0466
template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x prior to 3.6.9, 3.7.x and 4.0.x prior to 4.0.6, and 4.1.x and 4.2.x prior to 4.2.1 does not properly handle multiple logins, which allows remote malicious users to conduct cross-site scripting (XSS) attacks and obtain ...
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
NA
CVE-2012-0448
Bugzilla 2.x and 3.x prior to 3.4.14, 3.5.x and 3.6.x prior to 3.6.8, 3.7.x and 4.0.x prior to 4.0.4, and 4.1.x and 4.2.x prior to 4.2rc2 does not reject non-ASCII characters in e-mail addresses of new user accounts, which makes it easier for remote authenticated users to spoof o...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 4.2
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
4.7
CVSSv3
CVE-2015-8508
Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2.16, 4.3.x and 4.4.x prior to 4.4.11, and 4.5.x and 5.0.x prior to 5.0.2, when a local dot configuration is used, allows remote malicious users to inject arbitrary web sc...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 4.4.7
Mozilla Bugzilla 4.4.8
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.20
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 4.2.5
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 3.2.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »