OSVDB: The Open Source Vulnerability Database

Mozilla Organization

Short Name:	Mozilla
Previous Names:	Firefox, Firebird
URL:	http://www.mozilla.org/ [visit link]
Email:	pressmozilla.org
Security URL:	http://www.mozilla.org/security/ [visit link]
Security Email:	securitymozilla.org
Knowledge Base:	[None Entered]
Notes:	http://www.mozilla.org/projects/security/known-vulnerabilities.html
Full Details...

Vulnerabilities by Vendor Product

Mozilla Organization

« Previous 1 2 3 Next »

Mozilla Organization

Bugzilla: 2.14; OSVDB ID: 5080 Bugzilla editusers.cgi Delete Arbitrary User; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6362 Bugzilla editusers.cgi Form Edit Privilege Escalation; OSVDB ID: 6395 Bugzilla defparams.pl Data Directory World Writeable; OSVDB ID: 6400 Bugzilla buglist.cgi order Variable SQL Injection; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6356 Bugzilla bug_form.pl Full Name Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.14.1; OSVDB ID: 5080 Bugzilla editusers.cgi Delete Arbitrary User; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6395 Bugzilla defparams.pl Data Directory World Writeable; OSVDB ID: 6399 Bugzilla shadow-sync Arbitrary Password Disclosure; OSVDB ID: 6400 Bugzilla buglist.cgi order Variable SQL Injection; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6356 Bugzilla bug_form.pl Full Name Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.15; OSVDB ID: 5080 Bugzilla editusers.cgi Delete Arbitrary User; OSVDB ID: 6395 Bugzilla defparams.pl Data Directory World Writeable; OSVDB ID: 6400 Bugzilla buglist.cgi order Variable SQL Injection; OSVDB ID: 6356 Bugzilla bug_form.pl Full Name Variable XSS; 2.16; OSVDB ID: 5080 Bugzilla editusers.cgi Delete Arbitrary User; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.16rc1; OSVDB ID: 5080 Bugzilla editusers.cgi Delete Arbitrary User; OSVDB ID: 6399 Bugzilla shadow-sync Arbitrary Password Disclosure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6356 Bugzilla bug_form.pl Full Name Variable XSS; 2.10; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6365 Bugzilla process_bug.cgi who Variable Arbitrary Command Execution; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6373 Bugzilla createaccount.cgi login Variable XSS; OSVDB ID: 6374 Bugzilla showvotes.cgi bug_id Variable XSS; OSVDB ID: 6375 Bugzilla reports.cgi product Variable XSS; OSVDB ID: 6376 Bugzilla buglist.cgi DisplayError() Function XSS; OSVDB ID: 6377 Bugzilla showdependencytree.cgi id Variable XSS; OSVDB ID: 6378 Bugzilla process_bug.cgi Multiple Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.12; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6373 Bugzilla createaccount.cgi login Variable XSS; OSVDB ID: 6374 Bugzilla showvotes.cgi bug_id Variable XSS; OSVDB ID: 6375 Bugzilla reports.cgi product Variable XSS; OSVDB ID: 6376 Bugzilla buglist.cgi DisplayError() Function XSS; OSVDB ID: 6377 Bugzilla showdependencytree.cgi id Variable XSS; OSVDB ID: 6378 Bugzilla process_bug.cgi Multiple Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.14.x; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; 2.16.1; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.16.2; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; 2.17; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 29546 Bugzilla Attachment Diff Private Description Disclosure; OSVDB ID: 29545 Bugzilla Multiple Description Field XSS; OSVDB ID: 29544 Bugzilla Page Header XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.17.1; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; OSVDB ID: 16427 Bugzilla URI Web Log Password Disclosure; OSVDB ID: 6387 Bugzilla editkeywords.cgi id Variable SQL Injection; OSVDB ID: 6389 Bugzilla votes.cgi who Variable Information Disclosure; 2.17.2; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; 2.17.3; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6349 Bugzilla Local Dependancy Graph XSS; OSVDB ID: 6350 Bugzilla Default HTML Template Multiple XSS; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6390 Bugzilla describecomponents.cgi Information Disclosure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; OSVDB ID: 6387 Bugzilla editkeywords.cgi id Variable SQL Injection; OSVDB ID: 6389 Bugzilla votes.cgi who Variable Information Disclosure; 2.4; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6365 Bugzilla process_bug.cgi who Variable Arbitrary Command Execution; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6373 Bugzilla createaccount.cgi login Variable XSS; OSVDB ID: 6374 Bugzilla showvotes.cgi bug_id Variable XSS; OSVDB ID: 6375 Bugzilla reports.cgi product Variable XSS; OSVDB ID: 6376 Bugzilla buglist.cgi DisplayError() Function XSS; OSVDB ID: 6377 Bugzilla showdependencytree.cgi id Variable XSS; OSVDB ID: 6378 Bugzilla process_bug.cgi Multiple Variable XSS; 2.6; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6365 Bugzilla process_bug.cgi who Variable Arbitrary Command Execution; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6373 Bugzilla createaccount.cgi login Variable XSS; OSVDB ID: 6374 Bugzilla showvotes.cgi bug_id Variable XSS; OSVDB ID: 6375 Bugzilla reports.cgi product Variable XSS; OSVDB ID: 6376 Bugzilla buglist.cgi DisplayError() Function XSS; OSVDB ID: 6377 Bugzilla showdependencytree.cgi id Variable XSS; OSVDB ID: 6378 Bugzilla process_bug.cgi Multiple Variable XSS; 2.8; OSVDB ID: 6348 Bugzilla showdependencygraph.cgi Symlink Arbitrary File Overwrite; OSVDB ID: 6365 Bugzilla process_bug.cgi who Variable Arbitrary Command Execution; OSVDB ID: 6383 Bugzilla globals.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6384 Bugzilla defparams.pl Symlink Arbitrary File Overwrite; OSVDB ID: 6385 Bugzilla checksetup.pl Symlink Arbitrary File Overwrite; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6373 Bugzilla createaccount.cgi login Variable XSS; OSVDB ID: 6374 Bugzilla showvotes.cgi bug_id Variable XSS; OSVDB ID: 6375 Bugzilla reports.cgi product Variable XSS; OSVDB ID: 6376 Bugzilla buglist.cgi DisplayError() Function XSS; OSVDB ID: 6377 Bugzilla showdependencytree.cgi id Variable XSS; OSVDB ID: 6378 Bugzilla process_bug.cgi Multiple Variable XSS; 2.14.2; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.14.3; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.14.4; OSVDB ID: 6351 Bugzilla .htaccess Backup File Protection Failure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 6401 Bugzilla quips.cgi COMMENTS Variable XSS; 2.16.3; OSVDB ID: 6388 Bugzilla editproducts.cgi SQL Injection; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 2843 Bugzilla collectstats.pl SQL Injection; OSVDB ID: 6387 Bugzilla editkeywords.cgi id Variable SQL Injection; OSVDB ID: 6389 Bugzilla votes.cgi who Variable Information Disclosure; 2.17.4; OSVDB ID: 6390 Bugzilla describecomponents.cgi Information Disclosure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; OSVDB ID: 6387 Bugzilla editkeywords.cgi id Variable SQL Injection; OSVDB ID: 6389 Bugzilla votes.cgi who Variable Information Disclosure; 2.16.rc1; OSVDB ID: 6395 Bugzilla defparams.pl Data Directory World Writeable; OSVDB ID: 6400 Bugzilla buglist.cgi order Variable SQL Injection; 2.17.7; OSVDB ID: 7782 Bugzilla Image URL Password Disclosure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; 2.17.6; OSVDB ID: 7782 Bugzilla Image URL Password Disclosure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; 2.17.5; OSVDB ID: 7782 Bugzilla Image URL Password Disclosure; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; 2.16.5; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; 2.16.4; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; 2.16rc2; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; 2.14.5; OSVDB ID: 7786 Bugzilla editcomponents.cgi action Variable XSS; OSVDB ID: 7787 Bugzilla editgroups.cgi action Variable XSS; OSVDB ID: 7788 Bugzilla editmilestones.cgi action Variable XSS; OSVDB ID: 7789 Bugzilla editproducts.cgi action Variable XSS; OSVDB ID: 7790 Bugzilla editusers.cgi action Variable XSS; OSVDB ID: 7791 Bugzilla editversions.cgi action Variable XSS; 2.18 rc1; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; 2.18 rc2; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; 2.19.1; OSVDB ID: 16427 Bugzilla URI Web Log Password Disclosure; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; 2.19; OSVDB ID: 11116 Bugzilla insidergroup Feature metadata Change Information Disclosure; 2.18; OSVDB ID: 16427 Bugzilla URI Web Log Password Disclosure; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; OSVDB ID: 29549 Bugzilla showdependencygraph.cgi XSS; 2.19.2; OSVDB ID: 16427 Bugzilla URI Web Log Password Disclosure; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; 2.18.1; OSVDB ID: 16427 Bugzilla URI Web Log Password Disclosure; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; 2.19.3; OSVDB ID: 16427 Bugzilla URI Web Log Password Disclosure; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; 2.16.8; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; 2.16.9; OSVDB ID: 16425 Bugzilla Product Name Enumeration; OSVDB ID: 16426 Bugzilla Closed State Product Bug Entry Creation; 2.18.5; OSVDB ID: 29548 Bugzilla Crafted URL User-complicit Arbitrary Command Execution; OSVDB ID: 29547 Bugzilla XML Format Deadline Field Disclosure; 2.20.2; OSVDB ID: 29548 Bugzilla Crafted URL User-complicit Arbitrary Command Execution; OSVDB ID: 29547 Bugzilla XML Format Deadline Field Disclosure; 2.22; OSVDB ID: 29548 Bugzilla Crafted URL User-complicit Arbitrary Command Execution; OSVDB ID: 29547 Bugzilla XML Format Deadline Field Disclosure; 2.23.2; OSVDB ID: 29548 Bugzilla Crafted URL User-complicit Arbitrary Command Execution; OSVDB ID: 29547 Bugzilla XML Format Deadline Field Disclosure

Browser for Mac: 1.7RC2; OSVDB ID: 6184 Apple Mac OS X Help URI Script Execution; OSVDB ID: 6338 Apple Mac OS X disk(s): URI Remote Code Execution

Firefox for Linux: 0.8; OSVDB ID: 6107 Multiple Browser Telnet URI Handler File Manipulation

Firefox for Mac: 0.8; OSVDB ID: