CVE-2012-0811 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-0811 Interim 1 8 2021-12-09T00:48:36Z current 2021-05-30T13:02:08Z 2021-12-09T00:48:36Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-0811 Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed postfixadmin-3.0-1.1 postfixadmin-3.0-1.1 as a component of openSUSE Tumbleweed Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php. CVE-2012-0811 openSUSE Tumbleweed:postfixadmin-3.0-1.1 moderate 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P