CVE-2022-33048

7.2 HIGH

📋 TL;DR

Online Railway Reservation System v1.0 contains a SQL injection vulnerability in the admin reservations view page. Attackers can exploit this by manipulating the id parameter to execute arbitrary SQL commands, potentially compromising the database. This affects all deployments of version 1.0 that have the vulnerable admin interface exposed.

💻 Affected Systems

Products:
  • Online Railway Reservation System
Versions: v1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to reach the vulnerable endpoint, but SQL injection can potentially bypass authentication.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, authentication bypass, and potential remote code execution via database functions.

🟠 Likely Case

Unauthorized access to reservation data, personal information disclosure, and potential privilege escalation within the application.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin access to /orrs/admin/reservations/view_details.php endpoint, but SQL injection could enable privilege escalation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Rewrite the query in /orrs/admin/reservations/view_details.php as a parameterized (prepared) statement so the id parameter is bound as a value rather than concatenated into the SQL text, and reject non-numeric id values before the query runs.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection protection rules to block malicious requests to the vulnerable endpoint.

Input Validation Filter

all

Add server-side validation to ensure id parameter contains only numeric values before processing.
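The two defensive measures above (the official-fix instruction to use parameterized queries and the numeric-only filter on id) are shown together below. This is an added example written for this page, not code from the Online Railway Reservation System; the real application is PHP and its table and column names are not published here, so an in-memory SQLite database with a constructed reservations table stands in for it. The unsafe function reproduces the defect class described on the page (the raw id value spliced into the SQL string) so the contrast with the hardened version is visible.

```python
import re
import sqlite3

# Constructed sample rows standing in for the application's reservations
# table; schema and values are assumptions, not taken from the product.
SAMPLE_ROWS = [
    (1, "Alice", "TRAIN-101"),
    (2, "Bob", "TRAIN-202"),
    (3, "Carol", "TRAIN-303"),
]


def make_db():
    """Build the stand-in database used by both lookup functions."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE reservations (id INTEGER PRIMARY KEY, passenger TEXT, train TEXT)"
    )
    conn.executemany("INSERT INTO reservations VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def view_details_unsafe(conn, raw_id):
    """Defect class from the advisory: the request value is spliced into the SQL text.

    A quote in raw_id terminates the literal and the remainder is parsed as SQL,
    so a tautology in the input returns every row instead of one.
    """
    query = f"SELECT id, passenger, train FROM reservations WHERE id = '{raw_id}'"
    return conn.execute(query).fetchall()


# Allow-list: a short run of ASCII digits and nothing else.
ID_PATTERN = re.compile(r"^[0-9]{1,10}$")


def is_valid_id(raw_id):
    """Server-side validation filter: True only for a plain decimal integer."""
    return isinstance(raw_id, str) and ID_PATTERN.fullmatch(raw_id) is not None


def view_details_safe(conn, raw_id):
    """Hardened lookup: validate first, then bind the value as a query parameter.

    Binding means the driver sends the value separately from the SQL text, so
    even if validation were later relaxed, the input cannot change the query.
    """
    if not is_valid_id(raw_id):
        raise ValueError("id must be numeric")
    return conn.execute(
        "SELECT id, passenger, train FROM reservations WHERE id = ?",
        (int(raw_id),),
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "1' OR '1'='1"  # the probe string quoted in the advisory
    print("unsafe, normal id :", view_details_unsafe(db, "1"))
    print("unsafe, payload   :", view_details_unsafe(db, payload))
    print("safe, normal id   :", view_details_safe(db, "1"))
    print("payload accepted? :", is_valid_id(payload))
```

Either control alone stops the injection; the validation filter is the cheaper workaround to deploy in front of unchanged code, while parameter binding is the durable fix because it does not depend on anticipating every malicious input shape.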

🧯 If You Can't Patch

  • Restrict access to /orrs/admin/ directory to trusted IP addresses only
  • Disable or remove the vulnerable view_details.php file if not required

🔍 How to Verify

Check if Vulnerable:

Test the /orrs/admin/reservations/view_details.php endpoint with SQL injection payloads like ' OR '1'='1 in the id parameter.

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer alter query results: a non-numeric id value should be rejected or produce an error response, and a tautology such as ' OR '1'='1 should not return records beyond the single requested reservation.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL syntax in URL parameters
  • Multiple failed login attempts followed by SQL payloads
  • Access to view_details.php with non-numeric id values

Network Indicators:

  • HTTP requests to /orrs/admin/reservations/view_details.php containing SQL keywords (UNION, SELECT, INSERT, etc.)

SIEM Query:

source="web_logs" AND url="*view_details.php*" AND (url="*UNION*" OR url="*SELECT*" OR url="*OR '1'='1*")
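The log and network indicators listed above, expressed as detection logic over web server access logs. This is an added example for this page, not tooling from the product or the advisory source; the log lines are constructed in Apache combined-log style and the IP addresses and timestamps are invented. One point the SIEM query above does not cover: in raw access logs the quotes and spaces of a payload are usually percent-encoded (`%27`, `%20`), so a literal match on `OR '1'='1` misses them unless the URL is decoded first, which this code does before matching.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (Apache combined format, abbreviated).
# Addresses, timestamps and payloads are invented for this example.
LOG_LINES = [
    '10.0.0.5 - - [10/Jul/2022:12:00:01 +0000] "GET /orrs/admin/reservations/view_details.php?id=12 HTTP/1.1" 200 2048',
    '10.0.0.9 - - [10/Jul/2022:12:00:07 +0000] "GET /orrs/admin/reservations/view_details.php?id=12%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9120',
    '10.0.0.9 - - [10/Jul/2022:12:00:09 +0000] "GET /orrs/admin/reservations/view_details.php?id=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 500 512',
    '10.0.0.5 - - [10/Jul/2022:12:01:00 +0000] "GET /orrs/admin/index.php HTTP/1.1" 200 1024',
]

VULNERABLE_PATH = "/orrs/admin/reservations/view_details.php"

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
# SQL keywords named in the network indicators; OR alone is omitted because it
# also matches legitimate words such as ORDER.
SQL_KEYWORD_RE = re.compile(r"\b(UNION|SELECT|INSERT|UPDATE|DELETE|DROP)\b", re.I)
# The classic tautology quoted in the SIEM query, tolerant of spacing.
TAUTOLOGY_RE = re.compile(r"OR\s*'1'\s*=\s*'1", re.I)


def parse_line(line):
    """Split one combined-log line into its fields, or return None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify_id(raw_id):
    """Return the list of indicator names triggered by a decoded id value."""
    reasons = []
    if not raw_id.isdigit():
        reasons.append("non_numeric_id")
    if SQL_KEYWORD_RE.search(raw_id):
        reasons.append("sql_keyword")
    if TAUTOLOGY_RE.search(raw_id):
        reasons.append("tautology")
    return reasons


def analyze(lines):
    """Flag requests to the vulnerable endpoint whose id parameter looks like SQL."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        parts = urlsplit(rec["url"])
        if parts.path != VULNERABLE_PATH:
            continue
        # parse_qs percent-decodes, so encoded quotes become literal quotes here.
        raw_id = parse_qs(parts.query, keep_blank_values=True).get("id", [""])[0]
        reasons = classify_id(raw_id)
        if reasons:
            findings.append(
                {"ip": rec["ip"], "ts": rec["ts"], "status": rec["status"],
                 "id": raw_id, "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for f in analyze(LOG_LINES):
        print(f"{f['ts']} {f['ip']} status={f['status']} id={f['id']!r} -> {', '.join(f['reasons'])}")
```

The numeric-only check on id is the highest-signal indicator here, since a legitimate client of this page never sends anything else; the keyword and tautology matches mainly help label what kind of probe was attempted. A 200 response to a tautology request with an unusually large response size, as in the second constructed line, is the pattern that suggests the injection actually returned extra rows.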
