CVE-2003-1043 Information

Description

SQL injection vulnerability in Bugzilla 2.16.3 and earlier and 2.17.1 through 2.17.4 allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.

Reference

http://bugzilla.mozilla.org/show_bug.cgi?id=219044 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774 http://www.securityfocus.com/archive/1/343185 http://www.securityfocus.com/bid/8953 https://exchange.xforce.ibmcloud.com/vulnerabilities/13596 bugzilla-url-sql-injection(13596)