cbcvebase.
CVE-2022-29007
published 2022-05-11


Priority: P1 (82) · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: ITW, EXPLOIT, VulnCheck KEV (exploited in the wild)
EPSS: 18.33% (96.9th percentile)
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.

Affected (1 range)

Vendor        Product                            Version range  Fixed in
phpgurukul    dairy_farm_shop_management_system  (not given)    (not given)

Detection & IOCs (extracted from sources)

URL: /dfsms/index.php
Command (PoC request body): username=admin' or '1'='1&password=1&login=login
  • Detect SQL injection auth-bypass attempt by inspecting POST body to /dfsms/index.php for classic OR-based SQLi payload in the username parameter.
  • A successful exploitation results in an HTTP 200 response containing the strings 'Add Product', 'Admin', and 'DFSMS' in the response body — use these as post-auth confirmation indicators.
  • The attack targets the Admin panel login form via POST to /dfsms/index.php with Content-Type application/x-www-form-urlencoded; monitor for SQLi patterns in the username and password POST parameters.
  • After successful auth bypass, attacker accesses /dfsms/add-category.php — monitor for unauthenticated or anomalous access to this administrative path following a suspicious login attempt.
  • The SQLi payload and paths are specific to Dairy Farm Shop Management System v1.0 installed under the /dfsms/ web root; installations under a different base path will require adjusted detection rules.
  • The vulnerability affects both the username and password parameters; the provided PoC only demonstrates injection via username, so detections should cover both parameters.
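A request-level detector for the indicators listed above, added here as example code (not taken from the source, the vendor, or the PoC): it flags OR-based tautology payloads in both the username and password parameters of form POSTs to the login page, takes the /dfsms base path as a parameter so other installs can be covered, and checks the post-auth response markers. The request dict layout and the sample requests are constructed for the example.

```python
import re
from urllib.parse import parse_qs

# Classic OR-based tautology after a quote break, e.g.  ' or '1'='1   or   " OR "a"="a
TAUTOLOGY = re.compile(r"""(?ix)
    ['"] \s* or \s+                              # closing quote, then OR
    ['"]? \w+ ['"]? \s* = \s* ['"]? \w+ ['"]?    # x = x comparison
""")
WATCHED_PARAMS = ("username", "password")            # both are injectable per the advisory
BYPASS_MARKERS = ("Add Product", "Admin", "DFSMS")   # post-auth page strings from the advisory


def sqli_login_findings(req, base_path="/dfsms"):
    """Return [(param, value)] for OR-tautology payloads in a login POST; [] otherwise.

    `req` is a constructed dict (method, path, content_type, body), not a real log schema.
    `base_path` is the install prefix; the PoC uses /dfsms, other installs differ.
    """
    if req["method"] != "POST" or req["path"] != f"{base_path}/index.php":
        return []
    if not req.get("content_type", "").startswith("application/x-www-form-urlencoded"):
        return []
    form = parse_qs(req["body"], keep_blank_values=True)
    return [(p, v) for p in WATCHED_PARAMS for v in form.get(p, []) if TAUTOLOGY.search(v)]


def confirms_bypass(status, body):
    """True when the response looks like the authenticated admin page (all markers present)."""
    return status == 200 and all(m in body for m in BYPASS_MARKERS)


# Constructed sample requests (not captured traffic)
FORM = "application/x-www-form-urlencoded"
SAMPLE_REQUESTS = [
    {"method": "POST", "path": "/dfsms/index.php", "content_type": FORM,
     "body": "username=admin' or '1'='1&password=1&login=login"},      # PoC payload in username
    {"method": "POST", "path": "/dfsms/index.php", "content_type": FORM,
     "body": 'username=admin&password=x" OR "a"="a&login=login'},       # same trick via password
    {"method": "POST", "path": "/dfsms/index.php", "content_type": FORM,
     "body": "username=o'brien&password=s3cret&login=login"},           # benign apostrophe
    {"method": "GET", "path": "/dfsms/index.php", "content_type": "", "body": ""},
]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(req["method"], req["body"], "->", sqli_login_findings(req))
```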

CVSS provenance

Source     Version  Score  Severity  Vector
nvd        v3.1     9.8    CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd        v2.0     7.5    HIGH      AV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck           9.8    CRITICAL