Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2009-2128

Disclosure Date: June 19, 2009 (last updated October 04, 2023)
SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field.
0
0
Attacker Value
Unknown

CVE-2009-2126

Disclosure Date: June 19, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the title (aka subject) field.
0
0
Attacker Value
Unknown

CVE-2009-2125

Disclosure Date: June 19, 2009 (last updated October 04, 2023)
delete_bug.php in Elvin before 1.2.1 does not require administrative privileges, which allows remote authenticated users to bypass intended access restrictions and delete arbitrary bugs.
0
0