← CVECheck
HomeVulnerabilities

CVE-2003-1042 — HIGH severity vulnerability (SQL injection vulnerability in collectstats.pl for Bugzilla)

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

CVE IDCVE-2003-1042
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2004-08-18
Last modified2026-04-16
DescriptionSQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →