Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 3.2.2 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2009-1213
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 prior to 3.2.3, 3.3 prior to 3.3.4, and previous versions versions allows remote malicious users to hijack the authentication of arbitrary users for requests that use attachment editing.
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.2.2
Mozilla Bugzilla 3.3
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.3.1
668
VMScore
CVE-2009-3165
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 up to and including 3.0.8, 3.1.1 up to and including 3.2.4, and 3.3.1 up to and including 3.4.1 allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.1.4
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.2.2
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.0.8
445
VMScore
CVE-2010-1204
Search.pm in Bugzilla 2.17.1 up to and including 3.2.6, 3.3.1 up to and including 3.4.6, 3.5.1 up to and including 3.6, and 3.7 allows remote malicious users to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart searc...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.0.6
356
VMScore
CVE-2010-2759
Bugzilla 2.23.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticate...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.23.4
578
VMScore
CVE-2010-2757
The sudo feature in Bugzilla 2.22rc1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to imperson...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.22.6
445
VMScore
CVE-2011-2380
Bugzilla 2.23.3 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3 allows remote malicious users to determine the existence of private group names via a crafted par...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.9
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4.10
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.11
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.6.1
383
VMScore
CVE-2009-3989
Bugzilla prior to 3.0.11, 3.2.x prior to 3.2.6, 3.4.x prior to 3.4.5, and 3.5.x prior to 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote malicious users to obtain sensitive information via requests for (1) CVS/, (2) ...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.18
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
445
VMScore
CVE-2010-2756
Search.pm in Bugzilla 2.19.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 allows remote malicious users to determine the group memberships of arbitrary users via vectors involving the Search interfa...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 2.20.5
445
VMScore
CVE-2010-2758
Bugzilla 2.17.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote malicious users to guess produ...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
445
VMScore
CVE-2010-3764
The Old Charts implementation in Bugzilla 2.12 up to and including 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote malicious users to obtain sensitive information via a modified URL.
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »