Mozilla : Security Vulnerabilities, CVEs, Published In 2002 (Sql injection) CVSS score >= 3
Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
Max CVSS
7.5
EPSS Score
0.19%
Published
2002-10-28
Updated
2016-10-18
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi.
Max CVSS
7.5
EPSS Score
0.22%
Published
2002-08-12
Updated
2008-09-10
2 vulnerabilities found