Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Bugzilla Old Charts实现信息泄露漏洞
Vulnerability Description
Bugzilla 是一个基于WEB的漏洞收集系统,使用了Perl和MySQL。 Bugzilla 2.12至3.2.8版本,以及3.4.8,3.6.2,3.7.3,4.1版本中的Old Charts实现在graphs/路径下创建具有可预测名称的图形文件。远程攻击者可以借助修改过的URL获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A