← back
CVE-2006-0913

CVE-2006-0913

EPSS 1.0%
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=312498http://secunia.com/advisories/18979https://exchange.xforce.ibmcloud.com/vulnerabilities/24819http://www.osvdb.org/23378http://www.securityfocus.com/archive/1/425584/100/0/threadedhttp://www.securityfocus.com/bid/16738http://www.vupen.com/english/advisories/2006/0692