CVE-2019-18890

MEDIUM

Redmine < 3.3.10 - Authenticated SQL Injection via Object Query

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-18890. PoCs published by RealLinkers.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2019-18890, a SQL injection vulnerability in Redmine versions up to 3.2.9/3.3.9. The exploit leverages the REST API to inject malicious SQL queries via the 'subproject_id' parameter.

Description

A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query.

Exploits (1)

nomisec WORKING POC 10 stars

by RealLinkers · poc

https://github.com/RealLinkers/CVE-2019-18890

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2019-18890, a SQL injection vulnerability in Redmine versions up to 3.2.9/3.3.9. The exploit leverages the REST API to inject malicious SQL queries via the 'subproject_id' parameter.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Redmine up to 3.2.9/3.3.9

Auth required

Prerequisites: Access credentials · Subproject is required · REST API is enabled

MITRE ATT&CK