CVE-2013-10033P2CRITICALCVSS 9.3PoCv0.9.2.02025-07-31
CVE-2013-10033 [CRITICAL] CWE-89 CVE-2013-10033: An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.ph
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates[] POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to remote code execution by writing a PHP payload to th
nvd