CVE-2022-28992

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in Online Banquet Booking System v1.0 lets an attacker trick a logged-in administrator into unknowingly changing their own credentials: a page the administrator visits issues a forged POST request to the credential-change endpoint, which the application accepts because it carries no anti-CSRF check. The attacker can then log in with the new credentials and gain administrative access. Only systems running this specific software version are affected.

💻 Affected Systems

Products:
  • Online Banquet Booking System
Versions: 1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects web applications with admin interfaces accessible via browser. Requires admin to be logged in while visiting malicious site.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise where attackers gain administrative access, potentially leading to data theft, system manipulation, or further attacks on users.

🟠 Likely Case

Attackers gain administrative privileges, allowing them to modify bookings, access sensitive customer data, or disrupt business operations.

🟢 If Mitigated

Attack fails due to proper CSRF protections, leaving system security intact with no impact on operations.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to trick admin into clicking malicious link while authenticated. No authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider upgrading to newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Implement CSRF Tokens

Applies to: all

Add unique, unpredictable CSRF tokens to all state-changing forms and validate them server-side.

Implementation varies by framework. Example for PHP: generate a token with bin2hex(random_bytes(32)), store it in the session and embed it in each form, and on every POST reject the request unless the submitted token matches the session copy.

SameSite Cookie Attribute

Applies to: all

Set SameSite=Strict or SameSite=Lax on session cookies so the browser does not attach them to cross-site requests.

Set-Cookie: session=value; SameSite=Strict; Secure; HttpOnly
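The two workarounds above combined in one PHP page, as an added example that is not code from Online Banquet Booking System: a per-session token generated with bin2hex(random_bytes(32)), embedded in the form as a hidden field, checked with hash_equals() before any credential change runs, and a session cookie configured with SameSite=Strict, Secure and HttpOnly. The helper names, the form field names and the action path update_admin.php are assumptions for illustration.

```php
<?php
// Added example (not part of the product): CSRF token helpers plus a
// hardened session cookie for a PHP admin form. Helper and field names
// are illustrative assumptions.

declare(strict_types=1);

// Set cookie flags before the session starts (the page's second workaround).
function configure_session_cookie(): void
{
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,     // sent only over HTTPS
        'httponly' => true,     // not readable from JavaScript
        'samesite' => 'Strict', // browser omits the cookie on cross-site requests
    ]);
}

// Return the per-session token, creating it on first use.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); // 64 hex chars, unpredictable
    }
    return $_SESSION['csrf_token'];
}

// Hidden input to embed in every state-changing form.
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Compare the submitted token with the session copy; hash_equals() runs in
// constant time so the comparison itself leaks nothing about the token.
function csrf_valid(?string $submitted): bool
{
    if (!is_string($submitted) || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

configure_session_cookie();
session_start();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Reject the request before any credential change happens.
    if (!csrf_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    // Hypothetical credential-update logic would run here.
    // unset($_SESSION['csrf_token']); // optional: issue a fresh token after use
}
?>
<form method="post" action="update_admin.php">
  <?= csrf_field() ?>
  <label>New password
    <input type="password" name="password" autocomplete="new-password">
  </label>
  <button type="submit">Update</button>
</form>
```

A forged cross-site POST fails twice here: the browser withholds the Strict session cookie, so the request arrives unauthenticated, and even if a cookie were present the attacker's page cannot read the token from the victim's session, so csrf_valid() returns false. The session_set_cookie_params() array form requires PHP 7.3 or later.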

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules that reject state-changing requests to admin endpoints whose Origin or Referer header is missing or names a host other than your own
  • Require re-authentication for credential changes and other sensitive actions

🔍 How to Verify

Check if Vulnerable:

Check if admin credential change forms lack CSRF tokens or if tokens aren't validated. Test with proof-of-concept from references.

Check Version:

Check application version in admin panel or source code comments.

Verify Fix Applied:

Verify that all forms include unique CSRF tokens that are properly validated. Test that malicious POST requests fail.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed admin credential change attempts from same IP
  • Admin credential changes from unusual user agents or referrers

Network Indicators:

  • POST requests to admin credential endpoints without proper referrer headers or CSRF tokens

SIEM Query:

source="web_logs" AND (uri="/admin/change_credentials" OR uri="/admin/update_profile") AND referrer NOT CONTAINS "yourdomain.com"
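The network indicator and SIEM query above, implemented as a small log scan in PHP; this is an added example, not code from the page or the product. It parses Apache "combined" access log lines, flags POSTs to the watched admin endpoints whose Referer is empty or from a foreign host, and counts how many such requests each source IP produced. The log lines are constructed for illustration, and the endpoint paths and the trusted host banquet.example are assumptions (substitute your own domain, as the query's "yourdomain.com" placeholder intends).

```php
<?php
// Added example (not from the page or the product): flag credential-endpoint
// POSTs with a missing or foreign Referer, per the page's network indicator.
// Paths, trusted host and the sample log lines are constructed assumptions.

declare(strict_types=1);

const TRUSTED_HOST  = 'banquet.example';
const WATCHED_PATHS = ['/admin/change_credentials', '/admin/update_profile'];

// Parse one Apache "combined" log line into fields, or null if it does not match.
function parse_combined(string $line): ?array
{
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    return ['ip' => $m[1], 'time' => $m[2], 'method' => $m[3], 'path' => $m[4],
            'status' => (int) $m[5], 'referer' => $m[6], 'ua' => $m[7]];
}

// True for a POST to a watched endpoint whose Referer is absent or off-domain.
function is_suspicious(array $r): bool
{
    if ($r['method'] !== 'POST') {
        return false;
    }
    $path = parse_url($r['path'], PHP_URL_PATH) ?: $r['path']; // drop any query string
    if (!in_array($path, WATCHED_PATHS, true)) {
        return false;
    }
    if ($r['referer'] === '' || $r['referer'] === '-') {
        return true; // no Referer at all: cannot confirm same-origin
    }
    $host = parse_url($r['referer'], PHP_URL_HOST);
    return !is_string($host) || strcasecmp($host, TRUSTED_HOST) !== 0;
}

// Return the suspicious records and a per-IP count of them.
function scan(array $lines): array
{
    $hits = [];
    $perIp = [];
    foreach ($lines as $line) {
        $r = parse_combined($line);
        if ($r !== null && is_suspicious($r)) {
            $hits[] = $r;
            $perIp[$r['ip']] = ($perIp[$r['ip']] ?? 0) + 1;
        }
    }
    return ['hits' => $hits, 'per_ip' => $perIp];
}

// Constructed sample: one legitimate change, one forged from a lure page,
// one with no Referer, and an unrelated GET.
$sample = [
    '203.0.113.10 - - [10/Oct/2023:13:55:36 +0000] "POST /admin/change_credentials HTTP/1.1" 302 0 "https://banquet.example/admin/profile" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:14:02:11 +0000] "POST /admin/change_credentials HTTP/1.1" 302 0 "https://lure.example/offer.html" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:14:02:15 +0000] "POST /admin/update_profile?x=1 HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [10/Oct/2023:14:05:00 +0000] "GET /admin/dashboard HTTP/1.1" 200 5120 "https://banquet.example/admin" "Mozilla/5.0"',
];

$result = scan($sample);
foreach ($result['hits'] as $h) {
    printf("SUSPECT %s %s %s referer=%s\n", $h['time'], $h['ip'], $h['path'], $h['referer']);
}
foreach ($result['per_ip'] as $ip => $n) {
    printf("%s: %d suspicious credential-endpoint POST(s)\n", $ip, $n);
}
```

On the sample input the first line is accepted as same-origin and the second and third are reported, giving 198.51.100.7 a count of two. Referer is only a heuristic: browsers may strip it under a restrictive Referrer-Policy, so treat a hit as a prompt to check the admin's session and change history rather than as proof of compromise, and pair it with the token validation above.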

🔗 References
