Cyber Resilience

CVE-2018-25187

HighPublic PoC

Published: 06 March 2026

Published
06 March 2026
Modified
16 March 2026
KEV Added
Patch
CVSS Score v4 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0035 26.4th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2018-25187 is a high-severity SQL Injection (CWE-89) vulnerability in Tina4 Tina4 Stack. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 26.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-7 (Boundary Protection).

Deeper analysis

Tina4 Stack version 1.0.3 is affected by multiple vulnerabilities, including unauthorized access to sensitive database files and SQL injection, mapped to CWE-89. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes. Additionally, the menu endpoint allows SQL code injection to manipulate database queries. The vulnerability has a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N), indicating high confidentiality impact with low integrity impact and no availability impact.

Unauthenticated attackers can exploit these issues remotely with low complexity and no user interaction required. By directly accessing the kim.db file, they obtain sensitive user data including password hashes. Through the menu endpoint, they can execute arbitrary SQL injections to alter database queries, potentially leading to data manipulation or further compromise depending on the application's configuration.

Advisories and proof-of-concept exploits detail these issues, with a public exploit available at https://www.exploit-db.com/exploits/45833 and further analysis at https://www.vulncheck.com/advisories/tina-stack-sql-injection-and-database-file-download. No specific patches or mitigation steps are outlined in the provided details.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the…

more

menu endpoint to manipulate database queries.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

Vulnerability in public-facing web application enables exploitation (T1190), direct access to database file with credentials (T1552.001), and SQL injection for database data access (T1213.006).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-0103Shared CWE-89
CVE-2018-25199Shared CWE-89
CVE-2026-27179Shared CWE-89
CVE-2025-0308Shared CWE-89
CVE-2019-25581Shared CWE-89
CVE-2026-27885Shared CWE-89
CVE-2019-25479Shared CWE-89
CVE-2026-1476Shared CWE-89
CVE-2019-25526Shared CWE-89
CVE-2025-69365Shared CWE-89

Affected Assets

tina4
tina4 stack
1.0.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates SQL injection vulnerabilities in the menu endpoint by requiring validation of all information inputs to prevent malicious SQL code execution.

prevent

Enforces approved authorizations to block unauthenticated access to sensitive database files like kim.db containing user credentials and hashes.

prevent

Implements boundary protection at web interfaces to monitor and control access, preventing direct requests to internal sensitive files and injection attempts.

References