CVE-2018-25208

HIGH

qdPM 9.1 SQL Injection via filter_by Parameters

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25208. PoCs published by AkkuS.

AI-analyzed exploit summary The exploit demonstrates SQL injection in qdPM 9.1 via the 'filter_by' parameters, providing multiple payloads for boolean-based blind, error-based, stacked queries, time-based blind, and UNION-based attacks. The payloads target MySQL and are designed to extract database information or execute arbitrary SQL commands.

Description

qdPM 9.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through filter_by parameters. Attackers can submit malicious POST requests to the timeReport endpoint with crafted filter_by[CommentCreatedFrom] and filter_by[CommentCreatedTo] parameters to execute arbitrary SQL queries and retrieve sensitive data.

Exploits (1)

exploitdb WORKING POC

by AkkuS · textwebappsphp

https://www.exploit-db.com/exploits/45767

View Code ZIP pw:eip

The exploit demonstrates SQL injection in qdPM 9.1 via the 'filter_by' parameters, providing multiple payloads for boolean-based blind, error-based, stacked queries, time-based blind, and UNION-based attacks. The payloads target MySQL and are designed to extract database information or execute arbitrary SQL commands.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: qdPM v9.1

No auth needed

Prerequisites: access to the target application's /index.php/timeReport endpoint

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Apr 08, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-45767

https://www.exploit-db.com/exploits/45767

Product product

Official Product Homepage

http://qdpm.net

Product product

Product Reference

http://qdpm.net/download-qdpm-free-project-management

Third Party Advisory third-party-advisory

VulnCheck Advisory: qdPM 9.1 SQL Injection via filter_by Parameters

https://www.vulncheck.com/advisories/qdpm-sql-injection-via-filter-by-parameters

Scores

CVSS v3 8.2

EPSS 0.0034

EPSS Percentile 25.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-89

Status published

Products (2)

qdpm/qdpm < 9.1

Qdpm/qdPM 9.1

Published Mar 26, 2026

Tracked Since Mar 26, 2026