CVE-2006-0913

CVE Database · CVE-2006-0913

CVE-2006-0913

· N/AModified

CVSS v3.1

N/A

EPSS

1.02%

Published

Feb 28, 2006

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.

Affected Products (22)

mozilla · bugzillavulnerable

References (14)

http://secunia.com/advisories/18979

Vendor Advisory

http://www.osvdb.org/23378

http://www.securityfocus.com/archive/1/425584/100/0/threaded

http://www.securityfocus.com/bid/16738

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0692

https://bugzilla.mozilla.org/show_bug.cgi?id=312498

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24819

http://secunia.com/advisories/18979

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs