Lucene search
K

5 matches found

securityvulns
securityvulns
added 2014/05/05 12:0 a.m.52 views

[SECURITY] [DSA 2889-1] postfixadmin security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2889-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 28, 2014 http://www.debian.org/security/faq -...

6.5CVSS1.3AI score0.01848EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2014/04/02 4:6 p.m.21 views

CVE-2014-2655

SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...

6.5CVSS6.2AI score0.01848EPSS
Exploits2References1
CVE
CVE
added 2014/04/02 2:0 p.m.113 views

CVE-2014-2655

CVE-2014-2655 : SQL injection in Postfix Admin (postfixadmin) via the gen_show_status function in functions.inc.php, exploitable before 2.3.7 when creating a new alias. Affected: Postfix Admin, prior to 2.3.7. Root cause: improper SQL handling in list-virtual.py? (per sources) and related advisor...

6.5CVSS7.8AI score0.01848EPSS
Exploits2References6Affected Software1
Debian CVE
Debian CVE
added 2014/04/02 2:0 p.m.22 views

CVE-2014-2655

SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...

6.5CVSS7.9AI score0.01848EPSS
Exploits2
seebug.org
seebug.org
added 2014/03/28 12:0 a.m.203 views

Postfix Admin 'functions.inc.php' SQL注入漏洞

BUGTRAQ ID: 66455 CVECAN ID: CVE-2014-2655 Postfix是Unix类操作系统中所使用的邮件传输代理。 用于程序没有在SQL查询前充分过滤用户提供的数据,允许攻击者危及应用程序,访问或修改数据,或利用底层数据库中潜在的漏洞。 0 Postfix Admin Postfix Admin 2.3.5 Postfix Admin Postfix Admin 2.3.4 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://sourceforge.net/projects/postfixadmin/...

6.5CVSS0.01848EPSS
Exploits2
Rows per page
Query Builder