CVE-2022-32010

7.2 HIGH

📋 TL;DR

Complete Online Job Search System v1.0 contains a SQL injection vulnerability in the admin user edit page that allows attackers to execute arbitrary SQL commands. This affects all installations of this specific software version. Attackers can potentially access, modify, or delete database contents through this vulnerability.

💻 Affected Systems

Products:
  • Complete Online Job Search System
Versions: v1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the admin interface at /eris/admin/user/index.php with view=edit parameter

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full database compromise including credential theft, data exfiltration, and complete system takeover via privilege escalation.

🟠

Likely Case

Unauthorized data access, modification of user accounts, and potential administrative access to the system.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-sensitive data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin access, but the SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider replacing with alternative software or implementing custom fixes.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

Applies to: all

Modify the vulnerable PHP file to use prepared statements and validate the 'id' parameter

Edit /eris/admin/user/index.php to replace direct SQL with PDO or mysqli prepared statements

Web Application Firewall (WAF)

Applies to: all

Deploy WAF rules to block SQL injection patterns targeting the vulnerable endpoint

Add WAF rule: Block requests to /eris/admin/user/index.php with suspicious SQL patterns in parameters

🧯 If You Can't Patch

  • Restrict access to /eris/admin/ directory to trusted IP addresses only
  • Disable or remove the vulnerable system and migrate to a supported alternative

🔍 How to Verify

Check if Vulnerable:

Test the endpoint with SQL injection payloads like: /eris/admin/user/index.php?view=edit&id=1' OR '1'='1

Check Version:

Check software documentation or configuration files for version information

Verify Fix Applied:

Re-test with the same payloads and confirm they are rejected or handled as literal data rather than executed as SQL.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by SQL error messages
  • Unusual database queries from web server process
  • Requests to /eris/admin/user/index.php with SQL keywords in parameters

Network Indicators:

  • HTTP requests containing SQL injection patterns in GET parameters
  • Unusual outbound database connections from web server

SIEM Query:

source="web_logs" AND uri="/eris/admin/user/index.php" AND (param="id" AND value MATCHES "'.*OR.*|'.*AND.*|'.*UNION.*")
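The SIEM query above expressed as runnable detection logic, added here as an example (not part of the original advisory): it parses combined-format access-log lines (an assumption about the log source), and flags requests to the affected endpoint whose `id` parameter is non-numeric, rating a quote followed by a SQL keyword higher. The sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint named in the advisory; its 'id' parameter should always be numeric.
VULN_PATH = "/eris/admin/user/index.php"
# Same shape as the advisory's SIEM pattern: a quote followed by a SQL keyword.
SQLI_PATTERN = re.compile(r"'.*\b(OR|AND|UNION)\b", re.IGNORECASE)
# Apache/nginx combined-log layout (an assumption about the log source).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3})'
)

def classify_request(uri):
    """Return a finding for a suspicious request to the vulnerable endpoint, else None."""
    parts = urlsplit(uri)
    if parts.path != VULN_PATH:
        return None
    # parse_qs percent-decodes, so an encoded quote and spaces are restored here.
    params = parse_qs(parts.query, keep_blank_values=True)
    for value in params.get("id", []):
        if value.isdigit():
            continue  # well-formed numeric id: nothing to report
        if SQLI_PATTERN.search(value):
            return {"severity": "high", "reason": "sql keyword after quote", "id": value}
        return {"severity": "medium", "reason": "non-numeric id", "id": value}
    return None

def scan_log(lines):
    """Run classify_request over access-log lines; attach client IP, time and status."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than crash
        finding = classify_request(m.group("uri"))
        if finding:
            finding.update(ip=m.group("ip"), ts=m.group("ts"), status=m.group("status"))
            findings.append(finding)
    return findings

# Constructed sample access-log lines (not real traffic); the second one carries
# the probe string quoted in the "How to Verify" section, percent-encoded.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jun/2022:12:00:01 +0000] "GET /eris/admin/user/index.php?view=edit&id=7 HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Jun/2022:12:00:07 +0000] "GET /eris/admin/user/index.php?view=edit&id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 8191',
    '198.51.100.9 - - [10/Jun/2022:12:01:00 +0000] "GET /eris/admin/user/index.php?view=edit&id=abc HTTP/1.1" 200 400',
    '198.51.100.9 - - [10/Jun/2022:12:01:05 +0000] "GET /eris/index.php?page=jobs HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f)
```

Because the check is "id is not an integer" rather than a keyword list alone, it also catches probes that do not use OR/AND/UNION, which a keyword-only SIEM rule misses.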
