CVE-2022-33060

7.2 HIGH

📋 TL;DR

Online Railway Reservation System v1.0 contains a SQL injection vulnerability in the delete_schedule function that allows attackers to execute arbitrary SQL commands via the id parameter. This affects all deployments of this specific software version. Attackers could potentially access, modify, or delete database content.

💻 Affected Systems

Products:
  • Online Railway Reservation System
Versions: v1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of v1.0 regardless of configuration.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, authentication bypass, and potential remote code execution if database permissions allow.

🟠 Likely Case

Unauthorized data access, modification or deletion of schedule records, and potential privilege escalation.

🟢 If Mitigated

Limited impact with proper input validation and database permissions, potentially only schedule data exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authentication but SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider replacing with alternative software or implementing custom fixes.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add server-side validation to ensure the id parameter contains only numeric values.

Modify /classes/Master.php to validate the id parameter before it is used in a query.

WAF Rule (applies to: all)

Implement web application firewall rules to block SQL injection patterns.

Add a WAF rule that detects and blocks SQL injection patterns in the id parameter.

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries in the application code
  • Restrict database user permissions to the minimum required and implement network segmentation

🔍 How to Verify

Check if Vulnerable:

Test the /classes/Master.php?f=delete_schedule endpoint with SQL injection payloads in the id parameter.

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and that the application returns an appropriate error message instead.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed delete_schedule attempts with malformed id values
  • Database queries with unexpected syntax

Network Indicators:

  • HTTP requests to /classes/Master.php with SQL keywords in parameters
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND uri="/classes/Master.php" AND param="id" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "--" OR value CONTAINS "')")
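As an added illustration of the log indicators and SIEM query above (example code written for this page, not part of the advisory or the project), a Python scanner over constructed access-log lines that flags every request to /classes/Master.php whose id parameter is not a plain integer, applying the query's marker substrings after URL decoding. The Apache-style log format and all sample values are assumptions.

```python
import re
from urllib.parse import parse_qs, urlparse

# Constructed sample access-log lines (Apache combined-style); not from any real deployment.
SAMPLE_LOG = """\
10.0.0.5 - admin [12/Jul/2022:10:01:02 +0000] "GET /classes/Master.php?f=delete_schedule&id=17 HTTP/1.1" 200 45
10.0.0.5 - admin [12/Jul/2022:10:01:09 +0000] "GET /classes/Master.php?f=delete_schedule&id=17%27%20UNION%20SELECT%201-- HTTP/1.1" 200 45
10.0.0.7 - admin [12/Jul/2022:10:02:00 +0000] "GET /classes/Master.php?f=delete_schedule&id=abc HTTP/1.1" 500 12
10.0.0.9 - - [12/Jul/2022:10:03:00 +0000] "GET /index.php?page=schedules HTTP/1.1" 200 5120
"""

# Marker substrings taken from the SIEM query; compared case-insensitively after decoding.
SQLI_MARKERS = ("union", "select", "--", "')")
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def parse_request(line):
    """Return (path, {param: first_value}) for one log line, or None if no request field."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlparse(m.group("target"))
    # parse_qs percent-decodes, so 'UNION%20SELECT' is compared as 'UNION SELECT'.
    params = {k: v[0] for k, v in parse_qs(url.query, keep_blank_values=True).items()}
    return url.path, params

def classify_id(value):
    """None for a purely numeric id (the only legitimate form); otherwise why it is suspicious."""
    if value.isdigit():
        return None
    lowered = value.lower()
    hits = [marker for marker in SQLI_MARKERS if marker in lowered]
    return "sqli_pattern:" + ",".join(hits) if hits else "non_numeric_id"

def scan_log(text):
    """Flag every Master.php request whose id parameter is not a plain integer."""
    findings = []
    for line in text.splitlines():
        parsed = parse_request(line)
        if parsed is None:
            continue
        path, params = parsed
        if path != "/classes/Master.php" or "id" not in params:
            continue
        reason = classify_id(params["id"])
        if reason is not None:
            findings.append({"ip": line.split()[0], "f": params.get("f", ""), "id": params["id"], "reason": reason})
    return findings

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
```

A hit tagged non_numeric_id is worth alerting on even without SQL keywords, because the workaround above treats any non-numeric id as invalid for this endpoint.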
