CVE-2022-29009
published 2022-05-11

CVE-2022-29009: Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows…

Priority: P272 · critical · 9.8 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 21.28% (97.3rd percentile)
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.

Affected

1 range

Vendor       Product                        Version range   Fixed in
phpgurukul   cyber_cafe_management_system   (none listed)   (none listed)

Detection & IOCs (extracted from sources)

url: /ccms/index.php
url: /ccms/dashboard.php
command: username=%27+Or+1--+-&password=1&login=
  • A POST request to /ccms/index.php carrying the SQL injection payload in the username parameter (%27+Or+1--+-) should be flagged as an authentication bypass attempt.
  • Successful exploitation results in an HTTP 200 response from /ccms/dashboard.php whose body contains both 'CCMS Admin Dashboard' and 'CCMS ADMIN | Admin'; use these two strings together to confirm the bypass.
  • The exploit POST uses the Content-Type header 'application/x-www-form-urlencoded; charset=UTF-8'; monitor form-encoded login submissions to /ccms/index.php for SQLi payloads.
  • The Nuclei template targets the path prefix /ccms/; deployments may differ if the application is installed under a different web root or subdirectory, so adjust the path in any rule accordingly.
  • Confirmed detection requires BOTH body strings present AND an HTTP 200 status on the dashboard page reached after the login; a partial match (only one string, or a 200 without both strings) should not be treated as confirmed exploitation.
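The two-stage logic in the bullets above (flag the login POST, then confirm only when the dashboard response carries both markers) is easy to get subtly wrong, so here it is as an added, runnable example. This is editor-written detection code, not part of the cvebase record, the Nuclei template, or the vendor's software; it assumes a simplified per-request record (method, path, content type, request body, status, response body) such as a reverse proxy or WAF might log, and the records below are constructed to exercise the true-positive, benign and partial-match cases. The web root is a parameter, per the note that deployments may not live under /ccms/.

```python
import re
from urllib.parse import parse_qs

# Constructed sample records (not real traffic). Index 0/1 is the exploit
# sequence from the record above; 2 is a normal failed login; 3 is a
# dashboard page that only carries ONE of the two confirmation strings.
SAMPLE_RECORDS = [
    {"method": "POST", "path": "/ccms/index.php",
     "content_type": "application/x-www-form-urlencoded; charset=UTF-8",
     "body": "username=%27+Or+1--+-&password=1&login=",
     "status": 302, "resp_body": ""},
    {"method": "GET", "path": "/ccms/dashboard.php", "content_type": "",
     "body": "", "status": 200,
     "resp_body": "<title>CCMS Admin Dashboard</title><h1>CCMS ADMIN | Admin</h1>"},
    {"method": "POST", "path": "/ccms/index.php",
     "content_type": "application/x-www-form-urlencoded; charset=UTF-8",
     "body": "username=alice&password=hunter2&login=",
     "status": 200, "resp_body": "Invalid details"},
    {"method": "GET", "path": "/ccms/dashboard.php", "content_type": "",
     "body": "", "status": 200,
     "resp_body": "<title>CCMS Admin Dashboard</title>"},
]

# Tautology-style injection in a credential field: a quote followed by an
# OR/AND keyword, or a SQL line comment. Deliberately narrow; widen per site.
SQLI_PATTERN = re.compile(r"'\s*.*\b(or|and)\b|--", re.IGNORECASE)
CONFIRM_STRINGS = ("CCMS Admin Dashboard", "CCMS ADMIN | Admin")


def is_sqli_login_attempt(rec, web_root="/ccms"):
    """True for a form-encoded POST to <web_root>/index.php whose username
    or password value looks like a SQL injection payload."""
    if rec["method"] != "POST" or rec["path"] != f"{web_root}/index.php":
        return False
    if not rec["content_type"].startswith("application/x-www-form-urlencoded"):
        return False
    # parse_qs decodes %27 -> ' and + -> space, so the check runs on the
    # same text the backend would see.
    fields = parse_qs(rec["body"], keep_blank_values=True)
    for key in ("username", "password"):
        for value in fields.get(key, []):
            if SQLI_PATTERN.search(value):
                return True
    return False


def is_confirmed_bypass(rec, web_root="/ccms"):
    """True only when the dashboard answered 200 AND both marker strings
    are present; one string alone is not treated as confirmation."""
    if rec["path"] != f"{web_root}/dashboard.php" or rec["status"] != 200:
        return False
    return all(marker in rec["resp_body"] for marker in CONFIRM_STRINGS)


def triage(records, web_root="/ccms"):
    """Return (index, verdict) pairs for records that match either rule."""
    findings = []
    for i, rec in enumerate(records):
        if is_sqli_login_attempt(rec, web_root):
            findings.append((i, "sqli_login_attempt"))
        elif is_confirmed_bypass(rec, web_root):
            findings.append((i, "confirmed_auth_bypass"))
    return findings


if __name__ == "__main__":
    for idx, verdict in triage(SAMPLE_RECORDS):
        print(f"record {idx}: {verdict}")
```

Running it reports record 0 as a login injection attempt and record 1 as a confirmed bypass; the benign login (2) and the single-string dashboard (3) produce nothing, which is the behaviour the last bullet asks for.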

CVSS provenance

NVD v3.1: 9.8 CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD v2.0: 7.5 HIGH      AV:N/AC:L/Au:N/C:P/I:P/A:P