CVE-2006-0913
Summary
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
- LOW
- NETWORK
- SINGLE
- PARTIAL
- NONE
- PARTIAL
References
Advisory Timeline
- Published