Davide Franco

2 exploits Active since Mar 2018
CVE-2017-15367 WRITEUP CRITICAL WRITEUP
Bacula-web < 8.0.0-rc2 - SQL Injection
Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.
CVSS 9.8
CVE-2025-45346 WRITEUP HIGH WRITEUP
Bacula-web < 9.7.1 - SQL Injection via HTTP GET Request
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request.
CVSS 8.1