First published: Fri Dec 19 2008(Updated: )
SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Barracuda Networks Barracuda Spam Firewall | <=3.5.11.020 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.