124 matches found
EUVD-2005-2995
Malware in sbrugna...
EUVD-2014-8136
Malware in sbrugna...
EUVD-2012-4365
Malware in sbrugna...
EUVD-2025-23037
Malicious code in bioql PyPI...
SQL Injection
bacula-web/bacula-web is vulnerable to SQL Injection. The vulnerability is due to improper input sanitization in HTTP GET requests, which allows an attacker to execute arbitrary code remotely...
CVE-2025-45346
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
Exploit for SQL Injection in Bacula Bacula-Web
CVE-2025-45346 – Bacula-Web Time-Based SQL Injection PostgreS...
GHSA-HQ25-VP56-QR86 Bacula-web SQL Injection Vulnerability
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
Bacula-web SQL Injection Vulnerability
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
SQL Injection
Overview bacula-web/bacula-web is a The open source web based reporting and monitoring tool for Bacula. Affected versions of this package are vulnerable to SQL Injection via the getJobFiles function in the application/Table/JobFileTable.php . An attacker can execute arbitrary code on the server b...
CVE-2025-45346
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
CVE-2025-45346
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
Bacula-Web 安全漏洞
Bacula-Web is a web reporting and monitoring tool from Bacula-Web open source. A security vulnerability exists in Bacula-Web versions prior to 9.7.1, which stems from improper handling of HTTP GET requests and could lead to SQL injection attacks...
CVE-2025-45346
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
PT-2025-31257 · Unknown · Bacula-Web
Name of the Vulnerable Software and Affected Versions: Bacula-web versions prior to 9.7.1 Description: A SQL Injection issue exists in Bacula-web. A remote attacker can execute arbitrary code via a crafted HTTP GET request. Recommendations: Update Bacula-web to version 9.7.1 or later...
CVE-2025-45346
CVE-2025-45346 affects Bacula-web prior to version 9.7.1. The vulnerability is an SQL Injection that can be triggered remotely via a crafted HTTP GET request, potentially allowing arbitrary code execution on affected systems. Public materials in connected documents confirm the issue and point to ...
CVE-2025-45346
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request...
CVE-2014-8295
SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute arbitrary SQL commands via the jobid parameter...
RHEL 6 : bacula (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - bacula: Improper ACL rules enforcement by dumping resources CVE-2012-4430 Note that Nessus has not tested for this...
SUSE CVE-2005-2995
bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on 1 the temporary file used by autoconf/randpass when openssl is not available, or 2 the mtx.PID temporary file in mtx-changer.in...