Arbitrary SQL Execution Vulnerability in collectstats.pl for Bugzilla 2.16.3 and Earlier

CVE-2003-1042 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

Learn more about our User Device Pen Test.