var-200812-0328
Vulnerability from variot
SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. Multiple Barracuda products are prone to multiple input-validation vulnerabilities, including multiple cross-site scripting vulnerabilities, an HTML-injection vulnerability, and an SQL-injection vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Versions prior to the following are affected: Barracuda Message Archiver to 1.2.1.002. Barracuda Spam Firewall 3.5.12.007 and prior Barracuda Web Filter 3.3.0.052 and prior Barracuda IM Firewall 3.1.01.017 and prior Barracuda Load Balancer 2.3.024 and prior. Barracuda Spam Firewall is an integrated hardware and software spam solution for protecting mail servers. ----------------------------------------------------------------------
Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?
Click here to learn more: http://secunia.com/advisories/business_solutions/
TITLE: Barracuda Products Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID: SA33164
VERIFY ADVISORY: http://secunia.com/advisories/33164/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
OPERATING SYSTEM: Barracuda Spam Firewall http://secunia.com/advisories/product/4639/ Barracuda IM Firewall http://secunia.com/advisories/product/20790/ Barracuda Load Balancer http://secunia.com/advisories/product/20791/ Barracuda Message Archiver http://secunia.com/advisories/product/20788/ Barracuda Web Filter http://secunia.com/advisories/product/20789/
DESCRIPTION: Dr.
Input passed to various parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
SOLUTION: Update to the latest version. Marian Ventuneac, Data Communications Security Laboratory, University of Limerick
ORIGINAL ADVISORY: Barracuda Networks: http://www.barracudanetworks.com/ns/support/tech_alert.php
Dr. Marian Ventuneac: http://dcsl.ul.ie/advisories/02.htm http://dcsl.ul.ie/advisories/03.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200812-0328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "spam firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "barracuda",
"version": "3.5.11.020"
},
{
"model": "spam firewall",
"scope": "eq",
"trust": 0.9,
"vendor": "barracuda",
"version": "3.5.11.020"
},
{
"model": "spam firewall",
"scope": "lt",
"trust": 0.8,
"vendor": "barracuda",
"version": "3.5.12.007"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.3.0.038"
},
{
"model": "message archiver",
"scope": "eq",
"trust": 0.3,
"vendor": "barracuda",
"version": "1.1.0.010"
},
{
"model": "load balancer",
"scope": "eq",
"trust": 0.3,
"vendor": "barracuda",
"version": "2.2.6"
},
{
"model": "im firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.0.01.008"
},
{
"model": "web filter",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.3.0.052"
},
{
"model": "spam firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.5.12.007"
},
{
"model": "message archiver",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "1.2.1.002"
},
{
"model": "load balancer",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "2.3.24"
},
{
"model": "im firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.1.01.017"
}
],
"sources": [
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:barracuda_networks:barracuda_spam_firewall",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marian Ventuneac\u203b marian.ventuneac@ul.ie",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
}
],
"trust": 0.6
},
"cve": "CVE-2008-1094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2008-1094",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-31219",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-1094",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-1094",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200812-370",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-31219",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31219"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. Multiple Barracuda products are prone to multiple input-validation vulnerabilities, including multiple cross-site scripting vulnerabilities, an HTML-injection vulnerability, and an SQL-injection vulnerability. \nExploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nVersions prior to the following are affected:\nBarracuda Message Archiver to 1.2.1.002. \nBarracuda Spam Firewall 3.5.12.007 and prior\nBarracuda Web Filter 3.3.0.052 and prior\nBarracuda IM Firewall 3.1.01.017 and prior\nBarracuda Load Balancer 2.3.024 and prior. Barracuda Spam Firewall is an integrated hardware and software spam solution for protecting mail servers. ----------------------------------------------------------------------\n\nDid you know that a change in our assessment rating, exploit code\navailability, or if an updated patch is released by the vendor, is\nnot part of this mailing-list?\n\nClick here to learn more:\nhttp://secunia.com/advisories/business_solutions/\n\n----------------------------------------------------------------------\n\nTITLE:\nBarracuda Products Cross-Site Scripting Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA33164\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/33164/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nBarracuda Spam Firewall\nhttp://secunia.com/advisories/product/4639/\nBarracuda IM Firewall\nhttp://secunia.com/advisories/product/20790/\nBarracuda Load Balancer\nhttp://secunia.com/advisories/product/20791/\nBarracuda Message Archiver\nhttp://secunia.com/advisories/product/20788/\nBarracuda Web Filter\nhttp://secunia.com/advisories/product/20789/\n\nDESCRIPTION:\nDr. \n\nInput passed to various parameters is not properly sanitised before\nbeing returned to the user. This can be exploited to execute\narbitrary HTML and script code in a user\u0027s browser session in context\nof an affected site. \n\nSOLUTION:\nUpdate to the latest version. Marian Ventuneac, Data Communications Security Laboratory,\nUniversity of Limerick\n\nORIGINAL ADVISORY:\nBarracuda Networks:\nhttp://www.barracudanetworks.com/ns/support/tech_alert.php\n\nDr. Marian Ventuneac:\nhttp://dcsl.ul.ie/advisories/02.htm\nhttp://dcsl.ul.ie/advisories/03.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1094"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "VULHUB",
"id": "VHN-31219"
},
{
"db": "PACKETSTORM",
"id": "73049"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-31219",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31219"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1094",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "33164",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1021455",
"trust": 2.5
},
{
"db": "SREASON",
"id": "4793",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "7496",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512",
"trust": 0.8
},
{
"db": "MILW0RM",
"id": "7496",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20081216 CVE-2008-1094 - BARRACUDA SPAN FIREWALL SQL INJECTION VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200812-370",
"trust": 0.6
},
{
"db": "BID",
"id": "32867",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "73064",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-66066",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31219",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "73049",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31219"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"id": "VAR-200812-0328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31219"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:10:16.123000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Barracuda Spam Firewall resolved potential issue associated with the Users \u2192 Accounts View page",
"trust": 0.8,
"url": "http://www.barracudanetworks.com/ns/support/tech_alert.php"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31219"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1021455"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/33164"
},
{
"trust": 2.1,
"url": "http://www.barracudanetworks.com/ns/support/tech_alert.php"
},
{
"trust": 2.1,
"url": "http://dcsl.ul.ie/advisories/02.htm"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/4793"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/499293/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/7496"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1094"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1094"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/499293/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/7496"
},
{
"trust": 0.4,
"url": "http://dcsl.ul.ie/advisories/03.htm"
},
{
"trust": 0.3,
"url": "http://www.barracudanetworks.com/ns/?l=en_ca"
},
{
"trust": 0.3,
"url": "/archive/1/499294"
},
{
"trust": 0.3,
"url": "/archive/1/499293"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/33164/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/4639/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20791/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20788/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20789/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20790/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31219"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31219"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-31219"
},
{
"date": "2008-12-16T00:00:00",
"db": "BID",
"id": "32867"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"date": "2008-12-16T12:16:02",
"db": "PACKETSTORM",
"id": "73049"
},
{
"date": "2008-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"date": "2008-12-19T17:30:02.827000",
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-31219"
},
{
"date": "2008-12-19T18:42:00",
"db": "BID",
"id": "32867"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002512"
},
{
"date": "2009-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200812-370"
},
{
"date": "2024-11-21T00:43:39.840000",
"db": "NVD",
"id": "CVE-2008-1094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Barracuda Spam Firewall of Account View In the page index.cgi In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002512"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200812-370"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…