CVE-2018-25208 | qdPM 9.1 timeReport Endpoint filter_by sql injection (Exploit 45767 / EDB-45767)

A vulnerability was found in qdPM 9.1. It has been rated as critical. The impacted element is an unknown function of the component timeReport Endpoint. The manipulation of the argument filter_by leads to sql injection.

This vulnerability is documented as CVE-2018-25208. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More