Show filters
42 Total Results
Displaying 41-42 of 42
Sort by:
Attacker Value
Unknown

CVE-2006-5455

Disclosure Date: October 23, 2006 (last updated October 04, 2023)
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.
0
Attacker Value
Unknown

CVE-2006-5454

Disclosure Date: October 23, 2006 (last updated October 04, 2023)
Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) the description of arbitrary attachments by viewing the attachment in "diff" mode in attachment.cgi, and (2) the deadline field by viewing the XML format of the bug in show_bug.cgi.
0