VULHUB ™

Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. A vulnerability exists in the buglist.cgi script which may allow a remote attacker to modify the logic of an SQL query via manipulating an HTML form before submitting it. This is due to lack of input validation of data that is passed to SQL queries.

Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. A vulnerability exists in the buglist.cgi script which may allow a remote attacker to modify the logic of an SQL query via manipulating an HTML form before submitting it. This is due to lack of input validation of data that is passed to SQL queries.