CVE-2022-29659

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to execute arbitrary SQL commands via the 'id' parameter in single.php in Responsive Online Blog v1.0. This can lead to unauthorized data access, modification, or deletion. Anyone running this specific version of the blog software is affected.

💻 Affected Systems

Products:
  • Responsive Online Blog
Versions: v1.0
Operating Systems: Any OS running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of v1.0 regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, and potential remote code execution if database permissions allow file system access.

🟠 Likely Case

Unauthorized access to sensitive blog data (user credentials, posts, comments) and potential privilege escalation.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available showing simple exploitation via URL parameter manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing manual fixes.

🔧 Temporary Workarounds

Input Validation and Sanitization

Platform: all

Add input validation to ensure 'id' parameter contains only numeric values

Modify single.php to validate $_GET['id'] with is_numeric() or filter_var()

Parameterized Queries

Platform: all

Replace direct SQL concatenation with prepared statements

Replace $sql = "SELECT * FROM posts WHERE id='" . $_GET['id'] . "'" with prepared statements using PDO or mysqli
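The two workarounds above (integer validation of 'id' and prepared statements) applied together, next to the concatenated query they replace. This is an added example, not code from Responsive Online Blog: the function names, the `title` column, the sample rows and the in-memory SQLite database standing in for MySQL are all assumptions made so the script runs offline with the PHP CLI.

```php
<?php
// Added example: schema, rows and function names are constructed for illustration.
// An in-memory SQLite database stands in for the blog's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)");
$db->exec("INSERT INTO posts (id, title) VALUES (1, 'Public post'), (2, 'Unpublished draft')");

// Before: the pattern quoted above. The value is concatenated into the SQL text.
function fetchPostVulnerable(PDO $db, string $id): array
{
    $sql = "SELECT * FROM posts WHERE id='" . $id . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// After: validate first, then bind. Validation rejects anything that is not a
// positive integer; binding keeps the value out of the SQL text entirely.
function fetchPostHardened(PDO $db, string $id): array
{
    // FILTER_VALIDATE_INT is stricter than is_numeric(), which also accepts
    // values such as "1.5" and "1e5".
    $postId = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($postId === false) {
        return [];   // single.php would answer with an error page here
    }
    $stmt = $db->prepare('SELECT * FROM posts WHERE id = :id');
    $stmt->bindValue(':id', $postId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal id, the test string from "How to Verify",
// and two values that are not integers.
foreach (['1', "1' OR '1'='1", '1e5', ''] as $input) {
    printf("%-22s vulnerable=%d row(s)  hardened=%d row(s)\n",
        var_export($input, true),
        count(fetchPostVulnerable($db, $input)),
        count(fetchPostHardened($db, $input)));
}
```

With mysqli the same shape applies: `prepare()` with a `?` placeholder, then `bind_param('i', $postId)` and `execute()`.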

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block SQL injection patterns
  • Restrict database user permissions to minimum required (SELECT only if possible)

🔍 How to Verify

Check if Vulnerable:

Test single.php?id=1' OR '1'='1 and observe whether a SQL error or unexpected behavior occurs

Check Version:

Check version in source code comments or configuration files

Verify Fix Applied:

Test with SQL injection payloads and verify they are rejected or sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple requests with SQL syntax in id parameter

Network Indicators:

  • HTTP requests containing SQL keywords in URL parameters

SIEM Query:

web.url:*single.php* AND (web.param.id:*OR* OR web.param.id:*UNION* OR web.param.id:*SELECT*)
