CVE-2008-1094 in Spam Firewallinfo

Summary

SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

02/28/2008

Disclosure

12/19/2008

Moderation

VulDB entry created

Entries

VDB-45599 (1)

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

6.3

EPSS

0.01029

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-1094
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1094
CVE Details	https://www.cvedetails.com/cve/CVE-2008-1094/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!