Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. A vulnerability in the longlist.cgi script for Bugzilla may allow a user to pass untrusted input to the database. A user can manipulate the $bug variable, which is passed into an SQL query. Maliciously crafted input supplied this way may potentially be used to modify the logic of the existing SQL query.
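The class of flaw described above, as an added example that is not Bugzilla's own code: a request value placed into SQL text versus the same value validated as a bug number and bound as a parameter. The SQLite table, the `restricted` column, the query text and both function names are assumptions made for illustration; the advisory does not show the real query.

```python
import re
import sqlite3


def make_db():
    # Constructed stand-in data; not Bugzilla's real schema.
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE bugs (bug_id INTEGER PRIMARY KEY, summary TEXT, restricted INTEGER)"
    )
    db.executemany(
        "INSERT INTO bugs VALUES (?, ?, ?)",
        [(1, "Typo in docs", 0), (2, "Crash on login", 0), (3, "Embargoed report", 1)],
    )
    return db


def lookup_interpolated(db, bug):
    # Weak pattern: the request value becomes part of the SQL text, so
    # anything other than a number is parsed as SQL and can change the
    # meaning of the WHERE clause.
    sql = "SELECT bug_id FROM bugs WHERE restricted = 0 AND bug_id = " + bug
    return sorted(row[0] for row in db.execute(sql))


def lookup_bound(db, bug):
    # Hardened pattern, step 1: a bug number is ASCII digits only.
    # fullmatch rejects trailing text and newlines; [0-9] excludes
    # non-ASCII digits that \d would accept.
    if not re.fullmatch(r"[0-9]{1,9}", bug):
        raise ValueError("bug id must be a decimal integer")
    # Step 2: bind the value so the driver never parses it as SQL.
    sql = "SELECT bug_id FROM bugs WHERE restricted = 0 AND bug_id = ?"
    return sorted(row[0] for row in db.execute(sql, (int(bug),)))


if __name__ == "__main__":
    db = make_db()
    crafted = "3 OR 1=1"  # constructed sample of non-numeric input
    print("interpolated:", lookup_interpolated(db, crafted))
    try:
        lookup_bound(db, crafted)
    except ValueError as exc:
        print("bound: rejected,", exc)
```

Validation and binding are both kept on purpose: the format check gives a clean error at the CGI boundary, and the bound parameter still protects the query if a later code path skips the check.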