Bacula Bacula-Web vulnerabilities
3 known vulnerabilities affecting bacula/bacula-web.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-15367P2CRITICALCVSS 9.8PoC≤ 7.4.0v8.0.02018-03-07
CVE-2017-15367 [CRITICAL] CWE-89 CVE-2017-15367: Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow a
Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.
nvd
CVE-2014-8295P3HIGHCVSS 7.5PoCv5.2.102014-10-15
CVE-2014-8295 [HIGH] CWE-89 CVE-2014-8295: SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute a
SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute arbitrary SQL commands via the jobid parameter.
nvd
CVE-2025-45346P3HIGHCVSS 8.1fixed in 9.7.12025-07-29
CVE-2025-45346 [HIGH] CWE-89 CVE-2025-45346: SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitra
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request.
nvd