CNNVD-202507-3654 Information

CNNVD ID

CNNVD-202507-3654

Related CVE

CVE-2025-45346

• CNNVD Published: 2025-07-29

Description (Chinese)

Bacula-Web是Bacula-Web开源的一个网络报告和监测工具。 Bacula-Web 9.7.1之前版本存在安全漏洞，该漏洞源于HTTP GET请求处理不当，可能导致SQL注入攻击。

Description (English)

Bacula-Web is a web-based reporting and monitoring tool for Bacula-Web open source. Prior to Bacula-Web 9.7.1, there was a security loophole, which stemmed from the improper handling of HTTP GET requests, which could lead to an injection of SQL attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Bacula-Web

Published

2025-07-29

Last Modified

2026-02-24

References

https://github.com/bacula-web/bacula-web/releases/tag/v9.7.1 https://github.com/bacula-web/bacula-web/commit/ad5d94809f17994a61496ecfec9cd3a16ac14a5f https://access.redhat.com/security/cve/cve-2025-45346

Patch

https://github.com/bacula-web/bacula-web/releases