VYPR
Unrated severity · NVD Advisory · Published Nov 1, 2022 · Updated May 2, 2025

CVE-2022-43353

Description

Sanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Sanitization Management System v1.0 has a SQL injection in the id parameter at /admin/?page=orders/view_order, allowing an authenticated attacker to extract database information.

Vulnerability

Sanitization Management System v1.0 by oretnom23 contains a SQL injection vulnerability in the id parameter of the /admin/?page=orders/view_order endpoint. The application fails to properly sanitize user input before using it in a SQL query. Authenticated users with any level of access can exploit this flaw. The affected version is v1.0, as described in the source code repository [1].

Exploitation

An attacker must first log in with valid credentials; the default Super Admin account is admin/admin123 [1]. Once authenticated, the attacker can craft a malicious request by appending a SQL injection payload to the id parameter. For example, the payload 1' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ is used to extract the database name [1]. The attack does not require any special network position beyond access to the web application.

Impact

A successful exploit allows the attacker to extract sensitive information from the database, such as the database name (sms_db) and potentially other confidential data. This is a confidentiality impact, as the attacker can read arbitrary data from the database but not directly modify or execute commands [1]. The privilege level required is that of an authenticated user, which may be a lower-privileged user if not using the default admin credentials.

Mitigation

As of the available references, no official patch or fixed version has been released for Sanitization Management System v1.0 [1]. Users should consider disabling the vulnerable endpoint or implementing input validation and parameterized queries as a workaround. The source code is available for review and custom patching. There is no indication that this CVE is listed in the Known Exploited Vulnerabilities (KEV) catalog.
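To make the workaround concrete, the following is an added example written for this page, not code from the Sanitization Management System repository. It assumes a PHP/mysqli code base with a table named orders that has an integer id column (the page does not name the stack or the schema, so both are assumptions). The first function shows the pattern the narrative describes, where the id request parameter is placed directly into the SQL text; the second shows the parameterized form that closes the issue.

```php
<?php
// Added example, not the project's own code.
// Assumptions: a mysqli connection $conn, and a table `orders` whose `id` column is an integer.

// Weak pattern: the request value is interpolated into the statement string, so any quote
// or SQL fragment supplied in ?id= is parsed by MySQL as part of the query.
function view_order_vulnerable(mysqli $conn, string $id): ?array {
    $sql = "SELECT * FROM orders WHERE id = '{$id}'";
    $result = $conn->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// Hardened pattern: validate the expected type first, then bind the value as a parameter.
// The statement text is fixed at prepare() time, so the bound value can never alter it.
function view_order_safe(mysqli $conn, string $id): ?array {
    // An order id is a positive integer; reject anything else before touching the database.
    if (!ctype_digit($id) || (int)$id < 1) {
        return null;
    }
    $stmt = $conn->prepare("SELECT * FROM orders WHERE id = ?");
    if ($stmt === false) {
        return null;
    }
    $orderId = (int)$id;
    $stmt->bind_param('i', $orderId);   // 'i' marks the placeholder as an integer parameter
    $stmt->execute();
    // get_result() needs the mysqlnd driver; use bind_result() on builds without it.
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Typical call site for a handler such as /admin/?page=orders/view_order:
// $rawId = $_GET['id'] ?? '';
// $order = is_string($rawId) ? view_order_safe($conn, $rawId) : null;
```

The integer check is the first line of defence and the prepared statement is the one that actually removes the injection: even if validation were loosened later (for example to allow alphanumeric order codes), a bound parameter is still sent to the server as data rather than as SQL.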

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References: 1

News mentions: 0

No linked articles in our index yet.