CVE-2022-31355

9.8 CRITICAL

📋 TL;DR

Online Ordering System v2.3.2 contains a SQL injection vulnerability in the category search parameter. Attackers can execute arbitrary SQL commands through the /ordering/index.php endpoint, potentially compromising the database. All systems running this specific version are affected.

💻 Affected Systems

Products:
  • Online Ordering System
Versions: v2.3.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation via the category search parameter.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data manipulation, authentication bypass, and potential remote code execution via database functions.

🟠

Likely Case

Database information disclosure, data manipulation, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept is available on GitHub; exploitation requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation to sanitize the search parameter before processing SQL queries.

Modify /ordering/index.php to validate and sanitize the 'search' parameter using prepared statements or parameterized queries.
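The workaround above amounts to replacing string concatenation with a prepared statement. The following is an added example, not code from the Online Ordering System: a category search handler in the vulnerable concatenated form beside a PDO prepared-statement version, run against an in-memory SQLite table. The table and column names (`products`, `category`, `name`, `price`) and the function names are assumptions; the test value is the advisory's own verification payload.

```php
<?php
// Added example, not the project's code. Table/column names are assumed.
declare(strict_types=1);

// "Before": the pattern the advisory describes, user input spliced into the
// SQL text. A quote in $search ends the literal and changes the query.
function searchVulnerable(PDO $db, string $search): array
{
    $sql = "SELECT id, name, price FROM products WHERE category = '" . $search . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// "After": the query text is fixed and the value is bound as a parameter,
// so quotes or SQL keywords in $search are only ever compared as data.
function searchSafe(PDO $db, string $search): array
{
    $stmt = $db->prepare('SELECT id, name, price FROM products WHERE category = :category');
    $stmt->bindValue(':category', $search, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Self-contained demo on constructed data in an in-memory SQLite database.
// On MySQL, also set PDO::ATTR_EMULATE_PREPARES => false in the DSN options
// so the server, not the client driver, parses the statement.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, category TEXT, price REAL)');
$db->exec("INSERT INTO products (name, category, price) VALUES ('Burger', 'food', 5.0), ('Cola', 'drink', 1.5)");

$payload = "' OR '1'='1";   // the verification payload from the advisory

// Concatenated query: the WHERE clause becomes always-true and every row leaks.
echo count(searchVulnerable($db, $payload)), " rows from concatenated query\n";   // 2

// Prepared statement: the payload is compared literally against the category
// column, matches nothing, and the filter holds.
echo count(searchSafe($db, $payload)), " rows from prepared statement\n";         // 0
echo count(searchSafe($db, 'food')), " rows for a legitimate category\n";         // 1
```

An allow-list on the category value (for example, a short alphanumeric label) can be layered in front of `searchSafe` as defence in depth, but the prepared statement is what removes the injection; filtering alone is the weaker control and is the reason the WAF rule below is described as a temporary workaround.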

Web Application Firewall Rule

all

Block SQL injection patterns in the search parameter.

Add a WAF rule to block requests whose search parameter combines SQL keywords ('UNION', 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'OR', 'AND') with special characters such as quotes or comment sequences. Match on the URL-decoded value and on whole words, otherwise 'OR' and 'AND' will block ordinary searches; treat this as a stopgap until the query is parameterized.

🧯 If You Can't Patch

  • Implement network segmentation to isolate the vulnerable system from critical assets.
  • Enable detailed logging and monitoring for SQL injection attempts on the affected endpoint.

🔍 How to Verify

Check if Vulnerable:

Test the endpoint with SQL injection payloads: /ordering/index.php?q=category&search=' OR '1'='1

Check Version:

Check the system version in the application interface or configuration files.

Verify Fix Applied:

Test with SQL injection payloads after applying fixes; successful payloads should be blocked or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts following SQL injection patterns
  • Database error messages containing SQL syntax

Network Indicators:

  • HTTP requests to /ordering/index.php with SQL keywords in parameters
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND uri="/ordering/index.php" AND (param="search" AND value MATCHES "(?i)\b(union|select|insert|update|delete|drop|or|and)\b.*['\"]")

Match against the URL-decoded parameter value. The word boundaries keep the short keywords 'or' and 'and' from firing on ordinary words such as "brand" or "corner".
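As an added example that is not part of the advisory, the same keyword-plus-quote pattern applied offline to web access log lines, in the application's own language. The log format is Apache-style and the four log lines are constructed; the pattern is word-bounded so that a legitimate search containing "brand" is not flagged, and only requests to the affected path are considered.

```php
<?php
// Added example, not part of the advisory. Log lines below are constructed.
declare(strict_types=1);

// Word-bounded keyword followed, somewhere later in the value, by a quote.
const SQLI_PATTERN = '/\b(union|select|insert|update|delete|drop|or|and)\b.*[\'"]/i';

// Constructed Apache-style access log: a normal search, the advisory's
// verification payload (URL-encoded), a benign value containing "brand"
// and an apostrophe, and a request to an unrelated path.
const SAMPLE_LOG = <<<'LOG'
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /ordering/index.php?q=category&search=food HTTP/1.1" 200 512
10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /ordering/index.php?q=category&search=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 8192
10.0.0.9 - - [01/Jan/2024:10:00:03 +0000] "GET /ordering/index.php?q=category&search=brand%20name%27s HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /ordering/about.php?search=union%27 HTTP/1.1" 200 300
LOG;

/**
 * Return the log lines for requests to /ordering/index.php whose URL-decoded
 * `search` parameter matches SQLI_PATTERN.
 */
function flagSqliRequests(string $log): array
{
    $hits = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        // Pull the request target out of the quoted request line.
        if (!preg_match('/"(?:GET|POST) (\S+) HTTP\//', $line, $m)) {
            continue;
        }
        $parts = parse_url($m[1]);
        if (($parts['path'] ?? '') !== '/ordering/index.php' || empty($parts['query'])) {
            continue;   // only the affected endpoint is in scope
        }
        parse_str($parts['query'], $params);   // parse_str URL-decodes the values
        $search = $params['search'] ?? '';
        if (is_string($search) && preg_match(SQLI_PATTERN, $search)) {
            $hits[] = $line;
        }
    }
    return $hits;
}

foreach (flagSqliRequests(SAMPLE_LOG) as $hit) {
    echo "ALERT: ", $hit, "\n";
}
// Prints one alert, for the second line (decoded search is ' OR '1'='1).
// The third line is not flagged: without \b, "and" inside "brand" plus the
// apostrophe would have matched. The fourth line is skipped by the path check.
```

Decoding before matching matters: the encoded form `%27%20OR%20` contains no quote character at all, so a rule that inspects the raw query string misses exactly the request this advisory is about.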
