CVE-2014-3857
Kerio Control (formerly WinRoute Firewall) prior to 8.3.2 contains a boolean‑based blind SQL injection in the print.php handler used by Kerio Control Statistics. The vulnerability is exploitable via the x_16 and x_17 parameters, and requires a valid client session (remote, authenticated access is...