Browse all 8 CVE security advisories affecting kevinpapst. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kevinpapst develops PHP-based web applications, primarily for workflow and project management. Historically, vulnerabilities associated with this software include remote code execution, cross-site scripting, and privilege escalation flaws. The project has recorded 8 CVEs, with several critical issues allowing unauthorized access or system compromise. Notable characteristics include exposure through improper input validation and insecure default configurations. While no major public incidents have been widely documented, the consistent presence of similar vulnerability classes suggests ongoing security challenges requiring rigorous input sanitization and access control measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25317 | Kimai 2- persistent cross-site scripting (XSS) — KimaiCWE-79 | 6.4 | Medium | 2026-02-11 |
| CVE-2021-4033 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 — kevinpapst/kimai2CWE-352 | 4.3 | - | 2021-12-09 |
| CVE-2021-3983 | Cross-site Scripting (XSS) - Stored in kevinpapst/kimai2 — kevinpapst/kimai2CWE-79 | 5.4 | - | 2021-12-01 |
| CVE-2021-3985 | Cross-site Scripting (XSS) - Stored in kevinpapst/kimai2 — kevinpapst/kimai2CWE-79 | 5.4 | - | 2021-12-01 |
| CVE-2021-3992 | Improper Access Control in kevinpapst/kimai2 — kevinpapst/kimai2CWE-284 | 6.5 | - | 2021-12-01 |
| CVE-2021-3957 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 — kevinpapst/kimai2CWE-352 | 4.3 | - | 2021-11-19 |
| CVE-2021-3963 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 — kevinpapst/kimai2CWE-352 | 4.3 | - | 2021-11-19 |
| CVE-2021-3976 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 — kevinpapst/kimai2CWE-352 | 4.3 | - | 2021-11-19 |
This page lists every published CVE security advisory associated with kevinpapst. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.