SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote malicious users to execute arbitrary SQL commands via the jobid parameter.
bacula-web 5210 vulnerability
Bacula-web is an web base application that provide you a summarized view all of the jobs bacula-director
title : Bacula-web 5210
godork : "jobid=" bacula-web
vulnerability :
+ Sql injection
example : targetcom/bacula-web/joblogsphp?jobid=99'
PoC :
@BlackCyber:/media/data/sqlmap$ python sqlmapp ...
Vulmon