CVE-2020-22211
published 2021-06-16CVE-2020-22211: SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
PriorityP178critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
7.94%
94.0th percentile
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 74cms | 74cms | — | — |
Detection & IOCsextracted from sources · hover to see the quote
url{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23↗
- →Look for GET requests to /plus/ajax_street.php with the 'key' parameter containing a single quote and UNION SELECT payload, indicating SQL injection exploitation attempts. ↗
- →Match HTTP response body for MD5 hash output confirming blind/union-based SQL injection success against 74cms ajax_street.php. ↗
- →Use FOFA queries 'app="74cms"' or 'body="74cms"' to identify exposed 74cms instances potentially vulnerable to CVE-2020-22211. ↗
- ·The vulnerability is specific to 74cms version 3.2.0; other versions may not be affected. ↗
- ·The exploit payload uses a UNION SELECT with 9 columns (positions 1–9), with the injectable value at column 8 (md5 output). Column count may vary if the schema differs. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x988-8hhc-g6v9: SQL Injection in 74cms 3
ghsa_unreviewed·2022-05-24
CVE-2020-22211 [CRITICAL] CWE-89 GHSA-x988-8hhc-g6v9: SQL Injection in 74cms 3
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
VulnCheck
74cms 74cms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
vulncheck·2020·CVSS 9.8
CVE-2020-22211 [CRITICAL] 74cms 74cms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
74cms 74cms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
Affected: 74cms 74cms
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.f5.com/labs/articles/threat-intelligence/sensor-intel-series-top-cves-august-2024; https://www.f5.com/labs/articles/threat-intelligence/botpoke-scanner-switches-ip; https://www.f5.com/labs/articles/threat-intelligence/continued-scanning-for-cve-2023-1389
No detection rules found.
Nuclei
74cms - ajax_street.php 'key' SQL Injection
nuclei·CVSS 9.8
CVE-2020-22211 [CRITICAL] 74cms - ajax_street.php 'key' SQL Injection
74cms - ajax_street.php 'key' SQL Injection
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
Template:
id: CVE-2020-22211
info:
name: 74cms - ajax_street.php 'key' SQL Injection
author: ritikchaddha
severity: critical
description: |
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation.
remediation: |
Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the 'key' parameter of ajax_street.php in 74cms.
reference:
- https://github.com/blindkey/cve_like/issues/13
- https://nvd.nist.gov/vuln/detail/CVE-2020-
No writeups or analysis indexed.
2021-06-16
Published
Exploited in the wild