CVE-2022-44347

Vulnerability

The Sanitization Management System v1.0, developed by oretnom23 and available from SourceCodester, contains a SQL injection vulnerability in the /php-sms/admin/?page=inquiries/view_inquiry&id= endpoint. The id parameter is directly concatenated into SQL queries without proper sanitization or parameterization. The vulnerability is reachable only after authenticating as an administrator (default credentials admin/admin123). The application runs on PHP 8.1 with MySQL [1].

Exploitation

An attacker with valid admin credentials can exploit this vulnerability by sending a crafted GET request to the vulnerable URL. The reference demonstrates a payload using updatexml to trigger an error-based SQL injection, which leaks the database name (sms_db). The attacker can modify the payload to extract arbitrary data from the database, such as user credentials or other sensitive information. No special network position is required beyond access to the admin panel [1].

Impact

Successful exploitation allows an authenticated attacker to read arbitrary data from the underlying MySQL database. This includes potentially sensitive information such as administrator passwords, user data, and application configuration. The impact is limited to information disclosure; the vulnerability does not directly enable remote code execution or privilege escalation beyond the existing admin role [1].

Mitigation

As of the publication date (2022-12-02), no official patch or updated version has been released by the vendor. Users are advised to restrict access to the admin panel to trusted IPs, implement input validation and parameterized queries for the id parameter, and monitor for any security updates from SourceCodester. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog [1].