CVE-2022-50805
Description
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Senayan Library Management System 9.0.0 is vulnerable to SQL injection via the 'class' parameter, allowing unauthenticated attackers to manipulate database queries and extract data.
CVE-2022-50805 describes a SQL injection vulnerability in Senayan Library Management System (SLiMS) version 9.0.0. The flaw exists in the 'class' parameter, which is not properly sanitized before inclusion in SQL queries. This allows an attacker to inject arbitrary SQL commands by crafting malicious input. The vulnerability is classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) [3].
Exploitation requires no authentication and can be performed over the network. The vulnerable parameter is passed via a GET request, making it easy to target. Proof-of-concept payloads have been publicly released, demonstrating both boolean-based blind injection and the ability to call MySQL's load_file function with a UNC path to an external server, confirming direct database interaction [2][4].
An attacker can leverage this vulnerability to extract sensitive information from the database, including user credentials, library records, and other stored data. The CVSS v3 base score of 8.2 (High) reflects the low complexity and network-based attack vector with high impact to confidentiality [3].
As of the publication date, no official patch has been announced by the vendor. Users are advised to upgrade to a newer version if available, or implement input validation and parameterized queries as a workaround. The vulnerability has been publicly disclosed and listed in the Exploit Database, increasing the risk of exploitation [2].
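A defender's view of the GET-based injection described above, as an added example that is not part of the original advisory or of SLiMS: it flags access-log entries whose `class` value carries SQL metacharacters, boolean logic, a `load_file` call or a UNC path. The combined log format, `/PLACEHOLDER_PATH`, the indicator patterns and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line of a combined-format access log entry.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Indicators matching the behaviours described above; tune for local false positives.
INDICATORS = {
    "sql_metachar": re.compile(r"['\"`;]|--|#|/\*"),
    "boolean_logic": re.compile(r"\b(?:and|or)\b\s+\S+\s*(?:=|<|>|like\b)", re.I),
    "load_file_call": re.compile(r"\bload_file\s*\(", re.I),
    "unc_path": re.compile(r"\\\\[\w.-]+\\"),
}

def inspect_class_param(line):
    """Return (client_ip, decoded_value, indicator_names) or None if nothing matched."""
    m = REQUEST_RE.match(line)
    if not m or m["method"] != "GET":
        return None
    # parse_qs percent-decodes, so the patterns see what the application would see.
    params = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
    for value in params.get("class", []):
        hits = [name for name, rx in INDICATORS.items() if rx.search(value)]
        if hits:
            return m["ip"], value, hits
    return None

def scan(lines):
    """Inspect every log line and keep only the flagged ones."""
    return [hit for hit in map(inspect_class_param, lines) if hit]

# Constructed log lines (documentation IPs, placeholder path), shaped only to
# exercise each indicator; they are not taken from any real system.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /PLACEHOLDER_PATH?class=000 HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /PLACEHOLDER_PATH?q=o%27reilly&class=800 HTTP/1.1" 200 498',
    '198.51.100.23 - - [01/Jan/2024:10:02:11 +0000] "GET /PLACEHOLDER_PATH?class=0%27%20AND%20%271%27%3D%271 HTTP/1.1" 200 512',
    '198.51.100.23 - - [01/Jan/2024:10:02:40 +0000] "GET /PLACEHOLDER_PATH?class=x%20load_file(%5C%5Clog.example%5Cshare) HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for ip, value, hits in scan(SAMPLE_LOG):
        print(f"{ip} class={value!r} indicators={hits}")
```

Only the `class` parameter is inspected, so the quote in the second line's `q` value is not flagged.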
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <= 9.0.0
Patches
No patches discovered yet.
References (4)