| Release | Version |
|---|---|
| stretch | 20130826+dfsg3-4 |
| buster | 20130826+dfsg3-4 |
| Bug | stretch | buster | Description |
|---|---|---|---|
| CVE-2020-35545 | vulnerable | vulnerable (no DSA) | Time-based SQL injection exists in Spotweb 1.4.9 via the query string. ... |
| Bug | Description |
|---|---|
| CVE-2021-3286 | SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands p ... |