CVE-2018-25208 | qdPM 9.1 timeReport Endpoint filter_by sql injection (Exploit 45767 / EDB-45767)

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability was found in qdPM 9.1. It has been rated as critical. The impacted element is an unknown function of the component timeReport Endpoint. The manipulation of the argument filter_by leads to sql injection.

This vulnerability is documented as CVE-2018-25208. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2018-25208 | qdPM 9.1 timeReport Endpoint filter_by sql injection (Exploit 45767 / EDB-45767)

Post correlati

CVE-2024-2086 | Integrate Google Drive Plugin up to 1.3.8 on WordPress Setting authorization

CVE-2024-5058 | WPDeveloper Typing Text Plugin up to 1.2.5 on WordPress cross site scripting

CVE-2024-23492 | Commend WS203VICM up to 1.7 weak encoding for password (icsa-24-051-01)

CVE-2023-31032 | NVIDIA DGX A100 prior 1.25 dynamic dynamic variable evaluation