| Max CVSS | 5.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3764 | 5.0 |
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL.
|
17-08-2017 - 01:33 | 05-11-2010 - 17:00 | |
| CVE-2010-4209 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore
|
05-02-2011 - 07:00 | 07-11-2010 - 22:00 | |
| CVE-2010-4208 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader
|
05-02-2011 - 07:00 | 07-11-2010 - 22:00 | |
| CVE-2010-4207 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/a
|
05-02-2011 - 07:00 | 07-11-2010 - 22:00 | |
| CVE-2010-3172 | 2.6 |
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HT
|
16-12-2010 - 05:00 | 05-11-2010 - 17:00 |