VYPR
Unrated severity · NVD Advisory · Published May 31, 2022 · Updated Aug 3, 2024

CVE-2022-30827

Description

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Wedding Management System v1.0 has a SQL injection in admin/package_edit.php via the id parameter, allowing unauthenticated attackers to extract database contents.

Vulnerability

Wedding Management System v1.0 by codeastro.com is vulnerable to SQL injection in the \admin\package_edit.php file. The id parameter is directly incorporated into a SQL query without sanitization or parameterization, allowing an attacker to inject arbitrary SQL commands. This vulnerability affects version 1.0 as provided by the vendor [1].

Exploitation

An attacker can exploit this vulnerability without authentication by sending a crafted GET request to /Wedding-Management/admin/package_edit.php?id= with a malicious payload. For example, the payload id=-1 union select 1,2,database(),4--+ extracts the database name. The attacker only needs network access to the vulnerable application [1].

Impact

Successful exploitation allows an attacker to retrieve sensitive information from the database, such as application credentials, user data, or other stored records. The database name dbwedding was disclosed in the proof-of-concept. This is a classic SQL injection that can lead to full database compromise [1].

Mitigation

As of the publication date (2022-05-31), no fixed version has been released by the vendor. The software is available on codeastro.com, but no patch or update addressing this SQL injection has been identified. Users should consider input validation and prepared statements as a workaround until an official fix is provided [1].
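
The workaround named above (input validation plus a prepared statement), sketched as an added example that is not the vendor's code. The table and column names, the connection credentials and the helper names parse_id and fetch_package are hypothetical; it assumes PHP 8 with mysqli and the mysqlnd driver.

```php
<?php
// Added example, not the project's source. Table/column names, credentials
// and helper names are hypothetical placeholders.
declare(strict_types=1);

// Make mysqli throw on errors instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/** Return the id as a positive integer, or null if the input is anything else. */
function parse_id(mixed $raw): ?int
{
    if (!is_string($raw)) {
        return null; // missing parameter or array input such as ?id[]=1
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up one row by id using a bound parameter. */
function fetch_package(mysqli $db, int $id): ?array
{
    // Pattern the advisory describes, shown only for contrast (illustrative):
    //   $db->query("SELECT * FROM package WHERE id = " . $_GET['id']);
    // Here the id travels as a typed parameter and is never parsed as SQL.
    $stmt = $db->prepare('SELECT id, name, price FROM package WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc(); // get_result() needs mysqlnd
    $stmt->close();
    return $row ?: null;
}

$id = parse_id($_GET['id'] ?? null);
if ($id === null) {
    http_response_code(400); // reject before any query is built
    exit('Invalid id');
}

$db = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
$db->set_charset('utf8mb4');

$package = fetch_package($db, $id);
if ($package === null) {
    http_response_code(404);
    exit('Not found');
}
echo htmlspecialchars((string) $package['name'], ENT_QUOTES, 'UTF-8');
```

With this in place, a value such as the union select string from the proof-of-concept fails integer validation and returns HTTP 400 without reaching the database.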

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

1
