CVE-2022-30927

9.8 CRITICAL

📋 TL;DR

Simple Task Scheduling System 1.0 contains an unauthenticated SQL injection vulnerability in the 'id' parameter when using MySQL. Attackers can execute arbitrary SQL commands on the database, potentially compromising the entire application. This affects all deployments using the vulnerable version with MySQL.

💻 Affected Systems

Products:
  • Simple Task Scheduling System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when MySQL is used as the database backend. Other database systems may not be affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, privilege escalation, and potential remote code execution via database functions.

🟠 Likely Case

Data exfiltration, authentication bypass, and unauthorized access to sensitive task scheduling data.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting attacker capabilities.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code available on GitHub. SQL injection is straightforward with no authentication required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None

Vendor Advisory: None

Restart Required: No

Instructions:

No official patch available. Manually implement input validation and parameterized queries in the source code.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

Platform: all

Deploy a WAF with SQL injection protection rules to block malicious requests.

Database User Privilege Reduction

Platform: linux

Restrict database user permissions to only necessary operations.

-- Replace `database` and 'app_user'@'%' with the schema and account the application actually uses.
-- Drop everything first, then grant back only the row-level operations the application needs
-- (no FILE, CREATE, DROP, ALTER or GRANT OPTION, which an injection could otherwise abuse).
REVOKE ALL PRIVILEGES ON database.* FROM 'app_user'@'%';
GRANT SELECT, INSERT, UPDATE, DELETE ON database.* TO 'app_user'@'%';

🧯 If You Can't Patch

  • Isolate the system from internet access and restrict to internal network only.
  • Implement strict network segmentation and monitor all database connections.

🔍 How to Verify

Check if Vulnerable:

Test the 'id' parameter with SQL injection payloads like: id=1' OR '1'='1

Check Version:

Check the application version in the source code or documentation files.

Verify Fix Applied:

Verify that SQL injection payloads no longer work and that the application handles the malformed input with proper error handling instead of exposing a database error.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts from a single IP
  • Database queries with suspicious patterns

Network Indicators:

  • Unusual database connection patterns
  • HTTP requests with SQL keywords in parameters

SIEM Query:

source=web_logs AND (url="*id=*'*" OR url="*id=*%27*")
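The SIEM query above applied to raw access logs, as an added example that is not part of the original advisory or the product's own code. It URL-decodes the query string before matching (so both ' and %27 are caught), checks only the 'id' parameter named in this CVE, and adds a few SQL keywords the quote-only pattern would miss. The log lines and the /task/view.php path are constructed for the demonstration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [10/May/2022:12:00:01 +0000] "GET /task/view.php?id=12 HTTP/1.1" 200 512
10.0.0.9 - - [10/May/2022:12:00:02 +0000] "GET /task/view.php?id=1'%20OR%20'1'='1 HTTP/1.1" 200 9831
10.0.0.9 - - [10/May/2022:12:00:03 +0000] "GET /task/view.php?id=1%27%20UNION%20SELECT%201,2,3-- HTTP/1.1" 500 210
10.0.0.7 - - [10/May/2022:12:00:04 +0000] "GET /task/view.php?id=7&sort=name HTTP/1.1" 200 480
"""

# Client IP, timestamp, request line and status code from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Same intent as the SIEM query (a quote inside the id value), widened with
# SQL keywords and comment markers that are never legitimate in an integer id.
SUSPICIOUS = re.compile(
    r"""['"]|\b(or|and|union|select|sleep|benchmark)\b|--|/\*""", re.IGNORECASE
)


def flag_line(line):
    """Return a hit dict if the line's 'id' parameter looks like SQL injection, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # parse_qsl percent-decodes values, so "%27" and "'" are compared alike.
    for name, value in parse_qsl(urlsplit(m["url"]).query, keep_blank_values=True):
        if name == "id" and SUSPICIOUS.search(value):
            return {"ip": m["ip"], "ts": m["ts"], "status": m["status"], "id": value}
    return None


def scan_log(text):
    """Run flag_line over every line of a log and return the hits in order."""
    return [hit for hit in (flag_line(line) for line in text.splitlines()) if hit]


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} status={hit['status']} id={hit['id']!r}")
```

Because a legitimate id here is an integer, a stricter rule for this parameter is to flag any value that is not purely digits; the regex above is the looser form that mirrors the SIEM query.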
