Cyber Posture

CVE-2018-25187

HighPublic PoC

Published: 06 March 2026

Published
06 March 2026
Modified
16 March 2026
KEV Added
Patch
CVSS Score 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS Score 0.0015 34.5th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the…

more

menu endpoint to manipulate database queries.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly mitigates SQL injection vulnerabilities in the menu endpoint by requiring validation of all information inputs to prevent malicious SQL code execution.

AC-3 Access Enforcement good match
prevent

Enforces approved authorizations to block unauthenticated access to sensitive database files like kim.db containing user credentials and hashes.

SC-7 Boundary Protection good match
prevent

Implements boundary protection at web interfaces to monitor and control access, preventing direct requests to internal sensitive files and injection attempts.

Security SummaryAI

Tina4 Stack version 1.0.3 is affected by multiple vulnerabilities, including unauthorized access to sensitive database files and SQL injection, mapped to CWE-89. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes. Additionally, the menu endpoint allows SQL code injection to manipulate database queries. The vulnerability has a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N), indicating high confidentiality impact with low integrity impact and no availability impact.

Unauthenticated attackers can exploit these issues remotely with low complexity and no user interaction required. By directly accessing the kim.db file, they obtain sensitive user data including password hashes. Through the menu endpoint, they can execute arbitrary SQL injections to alter database queries, potentially leading to data manipulation or further compromise depending on the application's configuration.

Advisories and proof-of-concept exploits detail these issues, with a public exploit available at https://www.exploit-db.com/exploits/45833 and further analysis at https://www.vulncheck.com/advisories/tina-stack-sql-injection-and-database-file-download. No specific patches or mitigation steps are outlined in the provided details.

Details

CWE(s)
CWE-89

Affected Products

tina4
tina4 stack
1.0.3

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
attack.mitre.org →
T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
attack.mitre.org →
Why these techniques?

Vulnerability in public-facing web application enables exploitation (T1190), direct access to database file with credentials (T1552.001), and SQL injection for database data access (T1213.006).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References