CVE-2022-32018 – CVE-2022-32018 is an SQL injection vulnerabilit... (How to Fix)

Q: What is the severity of CVE-2022-32018?

CVE-2022-32018 has a CVSS score of 7.2 (HIGH). CVE-2022-32018 is an SQL injection vulnerability in Complete Online Job Search System v1.0 that allows attackers to execute arbitrary SQL commands via the search parameter. This affects all deployments of this specific software version. Attackers could potentially access, modify, or delete database content.

📋 TL;DR

CVE-2022-32018 is an SQL injection vulnerability in Complete Online Job Search System v1.0 that allows attackers to execute arbitrary SQL commands via the search parameter. This affects all deployments of this specific software version. Attackers could potentially access, modify, or delete database content.

💻 Affected Systems

Products:

Complete Online Job Search System

Versions: v1.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the specific PHP-based web application; no specific OS dependencies.

📦 What is this software?

Complete Online Job Search System by Complete Online Job Search System Project

View all CVEs affecting Complete Online Job Search System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full database compromise including credential theft, data exfiltration, and complete system takeover via privilege escalation.

🟠

Likely Case

Unauthorized data access and potential data manipulation of job listings, user information, and system configurations.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-sensitive data.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires no authentication and is simple to execute via crafted HTTP requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Implement input validation and parameterized queries manually.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rule

all

Block SQL injection patterns in the search parameter

WAF-specific configuration to block patterns like UNION, SELECT, INSERT, DELETE, DROP in /eris/index.php?q=hiring&search=

Input Validation Filter

linux

Sanitize search parameter input in PHP

$search = filter_var($_GET['search'], FILTER_SANITIZE_STRING);

🧯 If You Can't Patch

Isolate the system behind a reverse proxy with strict input filtering
Implement database user with minimal permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test with payload: /eris/index.php?q=hiring&search=' OR '1'='1

Check Version:

Check application version in admin panel or source code comments

Verify Fix Applied:

Verify that SQL injection payloads no longer return unexpected data or errors

📡 Detection & Monitoring

Log Indicators:

Unusual SQL errors in web server logs
Multiple requests with SQL keywords in search parameter

Network Indicators:

HTTP requests containing SQL injection patterns to vulnerable endpoint

SIEM Query:

source="web_logs" AND uri="/eris/index.php" AND (query="*UNION*" OR query="*SELECT*" OR query="*OR '1'='1*")

📊 Metadata

CVE ID: CVE-2022-32018

CVSS v3 Score: 7.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-89

Published: June 2, 2022

Last Updated: November 21, 2024

🔗 References

https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-12.md Exploit,Third Party Advisory
https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-12.md Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-32018, you might also want to check these: