Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-10-01T14:00:00
Updated: 2014-10-01T13:57:00
Reserved: 2012-01-19T00:00:00
Link: CVE-2012-0811
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-10-01T14:55:10.120
Modified: 2014-10-02T16:39:19.863
Link: CVE-2012-0811
JSON object: View
Redhat Information
No data.
CWE