Oval Definition:
oval:org.opensuse.security:def:20142655
Revision Date
:
2022-06-30
Version
:
1
Title
:
CVE-2014-2655
Description
:
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2014-2655
Mitre CVE-2014-2655
SUSE CVE-2014-2655
openSUSE-SU-2014:0715-1
Platform(s)
:
openSUSE 12.3 Update
openSUSE 13.1
openSUSE Tumbleweed
Product(s)
:
Definition Synopsis
openSUSE 13.1 is installed
AND
postfixadmin-2.3.7-5.4.1 is installed
Definition Synopsis
openSUSE Tumbleweed is installed
AND
postfixadmin-3.0-1.1 is installed
BACK