CVE-2025-45346 | Bacula-web up to 9.7.0 HTTP GET Request sql injection

Inserito da Angelo Barbosa | Lug 29, 2025 | CVE

A vulnerability, which was classified as critical, was found in Bacula-web up to 9.7.0. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-45346. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-45346 | Bacula-web up to 9.7.0 HTTP GET Request sql injection

Post correlati

CVE-2024-40887 | Intel PROSet/Wireless WiFi/Killer WiFi up to 23.79 on Windows race condition (intel-sa-01224)

CVE-2024-24830 | OpenObserve up to 0.7.x Role-Based Access Control /api/{org_id}/users improper authorization (GHSA-hfxx-g56f-8h5v)

CVE-2022-30636 | x-crypto prior 0.0.0-20220525230936-793ad666bf5e on Go path traversal

CVE-2024-46704 | Linux Kernel up to 6.10.6 workqueue __flush_work information disclosure (91d09642127a/8bc35475ef1a)