CVE-2014-2655

2014-04-02T12:06:02
ID CVE-2014-2655
Type cve
Reporter NVD
Modified 2014-06-05T00:31:20

Description

SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias.