Login Sign Up

CVE-2022-31996

7.2 HIGH
SQL Injection

📋 TL;DR

Badminton Center Management System v1.0 contains a SQL injection vulnerability in the sales management module that allows attackers to execute arbitrary SQL commands via the 'id' parameter. This affects all users running the vulnerable version of the software. Attackers could potentially access, modify, or delete database contents.

💻 Affected Systems

Products:
  • Badminton Center Management System
Versions: v1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and requires no special configuration to be exploitable.

📦 What is this software?

Badminton Center Management System by Badminton Center Management System Project

View all CVEs affecting Badminton Center Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, or full system takeover via SQL injection to RCE chaining.

🟠

Likely Case

Unauthorized access to sensitive data including customer information, financial records, and administrative credentials stored in the database.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting attacker access to non-sensitive data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin panel access but SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Implement parameterized queries or input validation in the affected PHP files.

🔧 Temporary Workarounds

Web Application Firewall

all

Deploy a WAF with SQL injection protection rules to block malicious requests.

Input Validation

all

Add input validation to sanitize the 'id' parameter in bcms/admin/?page=sales/manage_sale.

Edit the PHP file handling the manage_sale page to validate that 'id' contains only numeric characters.

🧯 If You Can't Patch

  • Restrict access to the admin panel using IP whitelisting or VPN.
  • Implement database user with minimal privileges (read-only if possible) for the application.

🔍 How to Verify

Check if Vulnerable:

Test the vulnerable endpoint with SQL injection payloads like: bcms/admin/?page=sales/manage_sale&id=1' OR '1'='1

Check Version:

Check the software version in the admin panel or configuration files.

Verify Fix Applied:

Attempt SQL injection tests after implementing fixes; successful payloads should be rejected or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts followed by access to /bcms/admin/

Network Indicators:

  • HTTP requests containing SQL keywords (UNION, SELECT, etc.) to the vulnerable endpoint

SIEM Query:

source="web_logs" AND uri="/bcms/admin/" AND (query="*UNION*" OR query="*SELECT*" OR query="*OR '1'='1*")

📊 Metadata

CVE ID: CVE-2022-31996
CVSS v3 Score: 7.2 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-89
Published: June 2, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-31996, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)