CVE-2022-30518
Description
ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Blind SQL injection in ChatBot Application 1.0 via the id parameter in view_response.php enables unauthenticated data exfiltration.
Vulnerability
ChatBot Application with a Suggestion Feature 1.0 suffers from a blind SQL injection in the file /simple_chat_bot/admin/responses/view_response.php. The id parameter is directly concatenated into a SQL query without sanitization: SELECT * from `response_list` where id = '{$_GET['id']}'. This affects version 1.0 as available from SourceCodester. [1]
Exploitation
An unauthenticated attacker can exploit the vulnerability by sending a crafted GET request to the endpoint with a malicious id parameter. The provided proof-of-concept uses sqlmap with a time-based blind payload: id=0' AND (SELECT 9931 FROM (SELECT(SLEEP(5)))Etug)--. No authentication is required, and the attacker only needs network access to the application. [1]
Impact
Successful exploitation allows an attacker to extract arbitrary data from the database, including potentially sensitive information such as user credentials or application secrets. The injection is time-based blind, meaning each bit of data must be inferred through response delays, but the attacker can systematically enumerate the entire database. [1]
Mitigation
No official patch has been released as of the publication date. The vendor (SourceCodester) has not issued a fixed version. Users should sanitize all user inputs, specifically the id parameter, by using prepared statements or parameterized queries. Until a patch is available, restricting access to the admin endpoint or applying a web application firewall (WAF) rule to block SQL injection patterns is recommended. [1][2]
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- ChatBot Application with a Suggestion Feature / ChatBot Application with a Suggestion Feature (source: description)
- ChatBot Application with a Suggestion Feature / ChatBot Application with a Suggestion Feature (source: llm-create), version range: = 1.0
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Direct interpolation of the unsanitized `id` GET parameter into a SQL query allows SQL injection."
Attack vector
An attacker sends a crafted GET request to `/simple_chat_bot/admin/responses/view_response.php` with a malicious `id` parameter. The application directly concatenates this parameter into a SQL query, allowing time-based blind SQL injection. The researcher demonstrated a payload of `id=0' AND (SELECT 9931 FROM (SELECT(SLEEP(5)))Etug)--` which causes a 5-second delay, confirming the injection is exploitable [ref_id=1]. No authentication or special privileges are mentioned as prerequisites.
Affected code
The vulnerable code is in `/simple_chat_bot/admin/responses/view_response.php` at line 4. The query ``$qry = $conn->query("SELECT * from `response_list` where id = '{$_GET['id']}' ");`` directly interpolates the user-supplied `id` GET parameter into the SQL statement without sanitization or parameterization [ref_id=1].
What the fix does
No patch is provided in the bundle. The advisory does not include a fix or remediation guidance from the vendor. To close the vulnerability, the application should use prepared statements or parameterized queries (e.g., with PDO or MySQLi prepared statements) instead of directly interpolating the `id` parameter into the SQL string, which would prevent an attacker from injecting arbitrary SQL syntax [ref_id=1].
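As an added example (not code from the SourceCodester project or the advisory), the query shape from line 4 is shown beside a hardened version that validates the type and binds the value with a MySQLi prepared statement. It assumes `$conn` is a `mysqli` connection built with the mysqlnd driver and that the `response_list` table's `id` column is an integer.

```php
<?php
// Added example, not the project's own code. Assumes $conn is a mysqli
// connection (mysqlnd driver) and `response_list`.`id` is an integer column.

// VULNERABLE (same shape as the original line 4): the raw GET value is
// interpolated into the SQL text, so a quote inside `id` changes the query's
// structure instead of being treated as data.
function view_response_vulnerable(mysqli $conn, array $get): ?array
{
    $qry = $conn->query("SELECT * from `response_list` where id = '{$get['id']}' ");
    return $qry ? $qry->fetch_assoc() : null;
}

// HARDENED: reject anything that is not a positive integer, then send the
// value to the server separately from the SQL text via a bound parameter.
function view_response_safe(mysqli $conn, array $get): ?array
{
    // 1. Input validation: filter_var returns false for non-integers, so a
    //    value such as "0' AND ..." never reaches the database at all.
    $id = filter_var(
        $get['id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        http_response_code(400);
        return null;
    }

    // 2. Parameterized query: the placeholder is bound as an integer ('i'),
    //    so the database never parses user input as SQL syntax.
    $stmt = $conn->prepare("SELECT * FROM `response_list` WHERE id = ?");
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();   // get_result() needs mysqlnd
    $stmt->close();
    return $row ?: null;
}

// Usage in the page handler would be: $row = view_response_safe($conn, $_GET);
```

The validation step alone already blocks the time-based payload quoted above, and the prepared statement keeps the endpoint safe even if the validation rule is later relaxed.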
Preconditions
- network: The attacker must be able to send HTTP GET requests to the vulnerable endpoint /simple_chat_bot/admin/responses/view_response.php
- input: The id parameter must be accepted and processed by the vulnerable PHP script
Reproduction
Use sqlmap with the following command: `sqlmap -u 'http://localhost/simple_chat_bot/admin/?id=0&page=responses/view_response' -p id --level=5 --risk=3 --dbs --random-agent --eta`. Alternatively, manually send a GET request with the payload `id=0' AND (SELECT 9931 FROM (SELECT(SLEEP(5)))Etug)--` and observe a 5-second delay in the response [ref_id=1].
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- cxsecurity.com/issue/WLB-2022050020 (x_refsource_MISC)
- packetstormsecurity.com/files/166984/ChatBot-Application-With-A-Suggestion-Feature-1.0-SQL-Injection.html (x_refsource_MISC)
News mentions
No linked articles in our index yet.