SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-04-02T14:00:00
Updated: 2014-05-30T13:57:00
Reserved: 2014-03-26T00:00:00
Link: CVE-2014-2655
JSON object: View
NVD Information
Status : Modified
Published: 2014-04-02T16:06:02.253
Modified: 2014-06-05T04:31:20.550
Link: CVE-2014-2655
JSON object: View
Redhat Information
No data.
CWE