3 matches found
CVE-2013-10033 Kimai 0.9.2 db_restore.php SQL Injection
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the dbrestore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to...
PT-2025-31531 · Undefined · Undefined
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to...
Kimai 0.9.2 - 'db_restore.php' SQL Injection
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = AverageRanking include Msf::Exploit::Remote::HttpClient include...