CVE-2022-31976

9.8 CRITICAL

📋 TL;DR

Online Fire Reporting System v1.0 contains a SQL injection vulnerability in the delete_request function that allows attackers to execute arbitrary SQL commands. This affects all users running the vulnerable version of the software. Attackers can potentially access, modify, or delete database contents.

💻 Affected Systems

Products:
  • Online Fire Reporting System
Versions: v1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of v1.0. No specific configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, data destruction, or full system takeover via subsequent attacks.

🟠 Likely Case: Unauthorized data access, modification of fire reporting records, or denial of service by deleting critical data.

🟢 If Mitigated: Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is accessible via web interface, making it directly exploitable from the internet.
🏢 Internal Only: HIGH - Even internal attackers or compromised accounts could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept exists in a GitHub repository. Simple SQL injection payloads can exploit this vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No vendor advisory found

Restart Required: No

Instructions:

No official patch available. Consider implementing workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Input Validation Filter

all

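Validate request parameters before they are processed so that input containing SQL metacharacters is rejected.

Modify /ofrs/classes/Master.php so that all user input reaches the database through prepared statements (parameterized queries) rather than being placed directly into SQL strings.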

Web Application Firewall

all

Deploy WAF with SQL injection rules to block exploitation attempts

Configure WAF to block requests containing SQL keywords to /ofrs/classes/Master.php?f=delete_request

🧯 If You Can't Patch

  • Restrict network access to the application using firewall rules
  • Run the application under a database user with minimal privileges (read-only where possible)

🔍 How to Verify

Check if Vulnerable:

Test the endpoint with SQL injection payloads like: /ofrs/classes/Master.php?f=delete_request&id=1' OR '1'='1

Check Version:

Check application version in web interface or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and that the application returns a proper error response instead.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple requests to delete_request endpoint with SQL keywords

Network Indicators:

  • HTTP requests containing SQL injection patterns to vulnerable endpoint

SIEM Query:

source="web_logs" AND uri="/ofrs/classes/Master.php" AND (query="*delete_request*" AND (query="*' OR*" OR query="*UNION*" OR query="*SELECT*"))
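
The log and network indicators above, implemented as a small access-log filter. This is an added example, not part of the original advisory or the vendor's code. It assumes Apache combined-format logs and that a legitimate `id` is a plain integer; the sample lines, the `example_other` action and the function names are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/ofrs/classes/Master.php"  # endpoint named in the advisory
# Patterns taken from the SIEM query above, matched case-insensitively.
SQL_HINT = re.compile(r"'\s*or\b|\bunion\b|\bselect\b", re.IGNORECASE)
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Jun/2022:10:01:02 +0000] "GET /ofrs/classes/Master.php?f=delete_request&id=12 HTTP/1.1" 200 31 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jun/2022:10:01:05 +0000] "GET /ofrs/classes/Master.php?f=delete_request&id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 31 "-" "curl/7.81.0"
198.51.100.9 - - [10/Jun/2022:10:01:09 +0000] "GET /ofrs/classes/Master.php?f=delete_request&id=1+UnIoN+SeLeCt+1 HTTP/1.1" 200 31 "-" "curl/7.81.0"
192.0.2.50 - - [10/Jun/2022:10:01:30 +0000] "GET /ofrs/classes/Master.php?f=delete_request&id=3%3B HTTP/1.1" 200 31 "-" "Mozilla/5.0"
203.0.113.4 - - [10/Jun/2022:10:02:00 +0000] "GET /ofrs/classes/Master.php?f=example_other&id=5 HTTP/1.1" 200 31 "-" "Mozilla/5.0"
203.0.113.4 - - [10/Jun/2022:10:02:30 +0000] "GET /ofrs/index.php?q=select+a+station HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""


def find_suspicious(log_text):
    """Return (client_ip, decoded_id, reason) for each flagged delete_request hit."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if url.path != TARGET_PATH:
            continue
        # parse_qs percent-decodes values and turns '+' into a space,
        # so encoded payloads are compared in their decoded form.
        params = parse_qs(url.query, keep_blank_values=True)
        if "delete_request" not in params.get("f", []):
            continue
        for value in params.get("id", [""]):
            if re.fullmatch(r"\d+", value):
                continue  # assumed legitimate form: a plain integer id
            reason = "sql-keyword" if SQL_HINT.search(value) else "non-numeric-id"
            hits.append((client, value, reason))
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

Flagging every non-integer `id` also catches input that a keyword list misses, and decoding the query string first means URL-encoded payloads cannot slip past a literal match on the raw log line.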
