NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

CPE Product Version: cpe:/a:mozilla:bugzilla:2.22.6

There are 45 matching records.

Displaying matches 41 through 45.

Vuln ID	Summary	CVSS Severity
CVE-2008-6098	Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the action parameter set to "approve." Published: February 09, 2009; 1:30:00 PM -0500	V3.x:(not available) V2.0: 4.0 MEDIUM
CVE-2009-0485	Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete unused flag types via a link or IMG tag to editflagtypes.cgi. Published: February 09, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 5.8 MEDIUM
CVE-2009-0483	Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi. Published: February 09, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 5.8 MEDIUM
CVE-2009-0482	Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi. Published: February 09, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 5.8 MEDIUM
CVE-2009-0481	Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and JavaScript attachments that are rendered by web browsers. Published: February 09, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 3.5 LOW