CVE-2002-1198
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/10/2002
Last modified:
18/10/2016
Description
Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page