本ページは bacula bacula-web に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-45346 | SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request. | [email protected] | 8.1 | 0.52% | 2025-07-29 | 2025-08-06 |
| CVE-2017-15367 | Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server. | [email protected] | 9.8 | 22.20% | 2018-03-07 | 2024-11-21 |
| CVE-2014-8295 | SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute arbitrary SQL commands via the jobid parameter. | [email protected] | 7.5 | 0.81% | 2014-10-15 | 2026-05-06 |