High severity8.1NVD Advisory· Published Jul 29, 2025· Updated Jun 17, 2026
CVE-2025-45346
CVE-2025-45346
Description
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
bacula-web/bacula-webPackagist | < 9.7.1 | 9.7.1 |
Affected products
2- Bacula-web/Bacula-webdescription
Patches
Vulnerability mechanics
References
4- github.com/bacula-web/bacula-web/commit/ad5d94809f17994a61496ecfec9cd3a16ac14a5fnvdPatchWEB
- github.com/advisories/GHSA-hq25-vp56-qr86ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-45346ghsaADVISORY
- github.com/bacula-web/bacula-web/releases/tag/v9.7.1nvdRelease NotesWEB
News mentions
0No linked articles in our index yet.