CVE-2003-1042
Summary
SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.
- LOW
- NETWORK
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published