CVE-2022-28079
published 2022-05-05

CVE-2022-28079: College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.

Priority: P2 (75)
Severity: high, 8.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Tags: ITW, Exploit, VulnCheck KEV
Exploited in the wild
EPSS: 28.83% (97.9th percentile)

Affected (1 range)

Vendor: college_management_system_project
Product: college_management_system

Detection & IOCs (extracted from sources)

path: /admin/asign-single-student-subjects.php
command: submit=Press&roll_no=3&course_code=-6093' OR 2121=2121 AND 'ddQQ'='ddQQ
command: submit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#
command: submit=Press&roll_no=3&course_code=Select+Course%27+OR+1%3d1+OR+%27ns%27%3d%27ns
  • Monitor POST requests to /admin/asign-single-student-subjects.php containing SQL injection patterns in the course_code parameter (e.g., OR, UNION SELECT, single quotes).
  • The exploit requires authentication; look for authenticated sessions (valid PHPSESSID) combined with SQLi payloads in the course_code POST parameter.
  • The Nuclei template matches a successful UNION-based SQLi response with HTTP 302 redirect; detect responses containing md5 hash output in body with a 302 status code from the target endpoint.
  • SQLmap can be used against the vulnerable endpoint; detect sqlmap-style automated requests (e.g., sqlmap user-agent) targeting /admin/asign-single-student-subjects.php.
  • Exploitation requires prior authentication to the College Management System admin panel; unauthenticated access alone is insufficient to trigger the vulnerability.
  • The exploit was tested specifically on Windows 10 Pro with PHP 8.0.11 and Apache 2.4.51; behavior may differ on other stack configurations.

CVSS provenance

NVD (v3.1): 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD (v2.0): 6.5 MEDIUM, AV:N/AC:L/Au:S/C:P/I:P/A:P
VulnCheck: 8.8 HIGH