CVE-2026-22195
📋 TL;DR
GestSup versions before 3.2.60 contain a SQL injection vulnerability in the search bar functionality. Authenticated attackers can manipulate database queries through user-controlled search input, potentially accessing or modifying sensitive data. All organizations running vulnerable GestSup versions are affected.
💻 Affected Systems
- GestSup
📦 What is this software?
Gestsup by Gestsup
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including data theft, modification, or deletion, potentially leading to privilege escalation or full system takeover depending on database permissions.
Likely Case
Unauthorized access to sensitive ticket data, user information, or configuration details stored in the database.
If Mitigated
Limited impact due to proper input validation, parameterized queries, or database user restrictions.
🎯 Exploit Status
SQL injection vulnerabilities are commonly exploited with readily available tools. The authentication requirement reduces immediate risk but does not prevent exploitation by malicious insiders or through compromised accounts.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.2.60
Vendor Advisory: https://gestsup.fr/index.php?page=changelog
Restart Required: No
Instructions:
1. Back up your GestSup installation and database.
2. Download version 3.2.60 or later from the official GestSup website.
3. Follow the standard GestSup upgrade procedure.
4. Verify the update was successful by checking the version number.
🔧 Temporary Workarounds
Input Validation Filter
Implement server-side input validation to sanitize search parameters before processing.
Web Application Firewall Rules
Deploy WAF rules to detect and block SQL injection patterns in search requests.
🧯 If You Can't Patch
- Restrict database user permissions to minimum required for application functionality.
- Implement network segmentation to isolate the GestSup server from sensitive systems.
🔍 How to Verify
Check if Vulnerable:
Check the GestSup version in the administration panel or by examining the application files. Versions below 3.2.60 are vulnerable.
Check Version:
Check the GestSup admin interface or examine the version.php file in the installation directory.
Verify Fix Applied:
Confirm the version is 3.2.60 or higher in the administration panel and test the search functionality with safe inputs.
📡 Detection & Monitoring
Log Indicators:
- Unusual search queries containing SQL syntax like UNION, SELECT, INSERT, or database commands
- Multiple failed login attempts followed by search activity
- Search queries with unusual length or special characters
Network Indicators:
- HTTP POST requests to search endpoints containing SQL keywords or special characters
- Abnormal database query patterns from application server
SIEM Query:
source="gestup_logs" AND (message="*SELECT*" OR message="*UNION*" OR message="*INSERT*")
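The log indicators above (SQL syntax, special characters, unusual length in search terms) as a small detection script run over constructed sample access-log lines. This is an added example, not GestSup code or part of the advisory; it assumes the search request is GET /index.php?page=search&q=<term> (the real parameter name is not given here) and a common-log-style line layout.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Added detection example (not GestSup code). Assumption: the search request is
# GET /index.php?page=search&q=<term>; the parameter name is not on the advisory.
# The log lines are constructed samples in a common-log-like layout, not real logs.
LONG_TERM = "a" * 80
SAMPLE_LOG = [
    '203.0.113.10 - alice [10/Jan/2026:09:01:12 +0000] "GET /index.php?page=search&q=printer HTTP/1.1" 200',
    '203.0.113.10 - alice [10/Jan/2026:09:01:40 +0000] "GET /index.php?page=search&q=vpn%20access HTTP/1.1" 200',
    '203.0.113.55 - bob [10/Jan/2026:09:03:05 +0000] "GET /index.php?page=search&q=status%20UNION%20SELECT%20name HTTP/1.1" 200',
    '203.0.113.55 - bob [10/Jan/2026:09:03:09 +0000] "GET /index.php?page=search&q=%27%22%20-- HTTP/1.1" 200',
    '203.0.113.77 - carol [10/Jan/2026:09:05:00 +0000] "GET /index.php?page=tickets HTTP/1.1" 200',
    f'203.0.113.90 - dave [10/Jan/2026:09:06:30 +0000] "GET /index.php?page=search&q={LONG_TERM} HTTP/1.1" 200',
]

LOG_RE = re.compile(r'^(?P<ip>\S+) - (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
SQL_KEYWORDS = re.compile(r"\b(UNION|SELECT|INSERT)\b", re.IGNORECASE)  # SQL syntax indicator
SPECIAL_CHARS = re.compile(r"""['";]|--|/\*""")                           # quote/comment characters
MAX_SEARCH_LEN = 64  # assumption: tune to the longest term your users legitimately type

def classify(term):
    """Map one decoded search term to the indicator names it triggers (empty if benign)."""
    reasons = []
    if SQL_KEYWORDS.search(term):
        reasons.append("sql_keyword")
    if SPECIAL_CHARS.search(term):
        reasons.append("special_chars")
    if len(term) > MAX_SEARCH_LEN:
        reasons.append("length")
    return reasons

def scan(lines):
    """Return one finding per search request whose term matches at least one indicator."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        params = parse_qs(urlsplit(m.group("target")).query)
        if params.get("page") != ["search"]:
            continue  # only the search endpoint is in scope for this CVE
        for term in params.get("q", []):
            reasons = classify(term)
            if reasons:
                findings.append({"user": m.group("user"), "ip": m.group("ip"),
                                 "time": m.group("ts"), "term": term, "reasons": reasons})
    return findings
```

Running scan(SAMPLE_LOG) flags bob's two requests and dave's over-long term while alice's ordinary searches pass; a single keyword hit is noisy on a ticketing system, so tune the keyword list and length threshold against your own baseline before alerting on it.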