CVE-2022-29009
published 2022-05-11CVE-2022-29009: Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows…
PriorityP272critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
21.28%
97.3th percentile
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpgurukul | cyber_cafe_management_system | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →POST request to /ccms/index.php with SQL injection payload in username parameter (%27+Or+1--+-) should be flagged as an authentication bypass attempt. ↗
- →Successful exploitation results in a 200 response on /ccms/dashboard.php containing both 'CCMS Admin Dashboard' and 'CCMS ADMIN | Admin' in the body — use these strings to confirm auth bypass. ↗
- →Content-Type header 'application/x-www-form-urlencoded; charset=UTF-8' is used in the exploit POST request; monitor for SQLi payloads in form-encoded login submissions to /ccms/index.php. ↗
- ·The Nuclei template targets the path prefix /ccms/ — deployments may differ if the application is installed under a different web root or subdirectory. ↗
- ·Detection requires BOTH body strings present AND HTTP 200 status on the dashboard redirect; a partial match (only one string) should not be treated as confirmed exploitation. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Cyber Cafe Management System 1.0 - SQL Injection
nuclei·CVSS 9.8
CVE-2022-29009 [CRITICAL] Cyber Cafe Management System 1.0 - SQL Injection
Cyber Cafe Management System 1.0 - SQL Injection
Cyber Cafe Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
Template:
id: CVE-2022-29009
info:
name: Cyber Cafe Management System 1.0 - SQL Injection
author: TenBird
severity: critical
description: |
Cyber Cafe Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context o
Greynoiseio
NoiseLetter October 2025
blogs_greynoiseio
NoiseLetter October 2025
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation Add context to incidents to speed the determinations of scope and timelines
Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns
Why GreyNoise
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Fin
Greynoiseio
NoiseLetter November 2025
blogs_greynoiseio
NoiseLetter November 2025
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation Add context to incidents to speed the determinations of scope and timelines
Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns
Why GreyNoise
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Fin
2022-05-11
Published