CVE-2023-44044

7.2 HIGH

📋 TL;DR

Super Store Finder v3.6 and earlier contains a SQL injection vulnerability in the admin interface's search functionality. Attackers can exploit this to execute arbitrary SQL commands on the database. This affects all installations using vulnerable versions of the software.

💻 Affected Systems

Products:
  • Super Store Finder
Versions: v3.6 and all earlier versions
Operating Systems: Any OS running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to reach /admin/stores.php endpoint; default installations are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, modification, or deletion; potential privilege escalation to full system control if database permissions allow.

🟠 Likely Case

Unauthorized data access, modification of store information, potential authentication bypass if database contains credentials.

🟢 If Mitigated

Limited impact if proper input validation and parameterized queries are implemented; database permissions restrict damage.

🌐 Internet-Facing: HIGH - An admin interface reachable over the internet allows remote exploitation by an attacker who holds admin credentials.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin authentication; SQL injection via search parameter is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Check for an updated version from the vendor.
2. If no patch is available, implement input validation and parameterized queries in /admin/stores.php.
3. Apply web application firewall rules.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Add input validation to sanitize the search parameter before it is used in the SQL query.

Modify /admin/stores.php to filter search input using mysqli_real_escape_string() or prepared statements.

WAF Rule Implementation (Linux)

Block SQL injection patterns in the search parameter.

Add ModSecurity rule:

    SecRule ARGS:search "@detectSQLi" "id:1001,phase:2,deny,status:403"

🧯 If You Can't Patch

  • Restrict access to the /admin/ directory to trusted IP addresses only
  • Run the application with a database user that has the minimum required permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test search parameter with SQL injection payloads like ' OR '1'='1 at /admin/stores.php

Check Version:

Check software version in admin panel or readme files

Verify Fix Applied:

Repeat the SQL injection payloads; after a successful fix they should return an error or cause no data manipulation.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts followed by admin access
  • Suspicious search patterns in web server logs

Network Indicators:

  • HTTP POST requests to /admin/stores.php with SQL keywords in parameters
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND uri="/admin/stores.php" AND (search="*OR*" OR search="*UNION*" OR search="*SELECT*")
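
The wildcard query above also matches harmless searches (the word "STORE" contains "OR") and misses URL-encoded input. The following added example, which is not part of the original advisory or the vendor's code, shows the same check with decoding and word-boundary matching. It assumes "combined"-format access logs with the search parameter visible in the query string; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Assumption: "combined"-format access log with the parameter in the query string.
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3}')

# Word boundaries keep "STORE" or "SELECTION" from matching OR / SELECT.
SQLI_PATTERNS = [re.compile(p, re.IGNORECASE) for p in (
    r"\bunion\b.+\bselect\b",               # UNION ... SELECT
    r"\b(or|and)\b\s+['\"]?\w+['\"]?\s*=",  # tautologies such as OR '1'='1
    r"\b(sleep|benchmark)\s*\(",            # time-based probes
    r"--\s|/\*",                            # SQL comment markers
)]

def decode_fully(value, rounds=3):
    """Undo layered URL-encoding (%2527 -> %27 -> ') before matching."""
    for _ in range(rounds):
        value = unquote_plus(value)
    return value

def suspicious_requests(lines, path="/admin/stores.php", param="search"):
    """Return (client_ip, decoded_value) for requests whose parameter looks like SQLi."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        if url.path != path:
            continue
        for raw in parse_qs(url.query, keep_blank_values=True).get(param, []):
            value = decode_fully(raw)
            if any(p.search(value) for p in SQLI_PATTERNS):
                hits.append((ip, value))
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.4 - - [12/Oct/2023:10:00:01 +0000] "GET /admin/stores.php?search=STORE+SELECTION HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [12/Oct/2023:10:00:05 +0000] "GET /admin/stores.php?search=%27+OR+%271%27%3D%271 HTTP/1.1" 200 9041 "-" "-"',
    '203.0.113.7 - - [12/Oct/2023:10:00:09 +0000] "GET /admin/stores.php?search=%2527%2520UNION%2520SELECT%25201 HTTP/1.1" 200 733 "-" "-"',
    '192.0.2.9 - - [12/Oct/2023:10:00:12 +0000] "GET /index.php?search=%27+OR+%271%27%3D%271 HTTP/1.1" 200 100 "-" "-"',
]

if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(ip, repr(value))
```

Parameters sent in a POST body do not appear in standard access logs, so this check only covers them if request bodies are logged by some other means.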
