CVE-2022-44290
Published 2022-12-02
CVE-2022-44290: webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.
Priority P260 · critical · 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 3.70% (88.4th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webtareas_project | webtareas | — | — |
Detection & IOCs (extracted from sources)
url: /approvals/deleteapprovalstages.php?id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162
- Detect time-based blind SQLi exploitation attempts against deleteapprovalstages.php by monitoring for SLEEP() payloads in the id parameter of GET requests to /approvals/deleteapprovalstages.php
- Successful exploitation returns HTTP 200 with body containing 'Delete the following?' and Content-Type text/html; use this as a confirmation signal in detection logic
- Exploitation requires prior authentication via POST to /general/login.php?session=false with multipart/form-data; correlate login events followed by SQLi requests to deleteapprovalstages.php
- Alert on response durations >= 6 seconds for requests to /approvals/deleteapprovalstages.php, indicative of a successful SLEEP(6) time-based injection
- The time-based detection threshold of 6 seconds (SLEEP(6)) may produce false positives on slow networks or overloaded servers; tune the duration threshold accordingly in production environments
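The detection notes above, combined into one access-log classifier as an added example (not code from the original page, the Nuclei template, or WebTareas). The log layout, the verdict names, and the assumption that legitimate id values are plain integers are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

TARGET = "/approvals/deleteapprovalstages.php"
LOGIN = "/general/login.php"
SLEEP_RE = re.compile(r"sleep\s*\(", re.I)
# Assumed log layout (constructed for this example): ip method url status seconds
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\d{3}) ([\d.]+)$")

def classify(lines, slow_threshold=6.0):
    """Return (ip, verdict) for each suspicious request to TARGET."""
    logged_in, findings = set(), []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ip, method, url, status, secs = m.groups()
        parts = urlsplit(url)
        if method == "POST" and parts.path == LOGIN:
            logged_in.add(ip)  # remember who authenticated, for correlation
            continue
        if parts.path != TARGET:
            continue
        # parse_qs decodes '+' and %XX, so encoded payloads are matched too
        ids = parse_qs(parts.query, keep_blank_values=True).get("id", [""])
        injected = any(SLEEP_RE.search(v) for v in ids)
        slow = float(secs) >= slow_threshold
        if injected and slow and status == "200":
            verdict = "likely-successful"
        elif injected:
            verdict = "attempt"
        elif any(not v.isdigit() for v in ids):  # assumption: real ids are integers
            verdict = "non-numeric-id"
        elif slow:
            verdict = "slow-only"  # may just be a loaded server: low confidence
        else:
            continue
        if ip in logged_in and verdict != "slow-only":
            verdict += "+after-login"
        findings.append((ip, verdict))
    return findings

# Constructed sample lines (documentation-range IPs), not real traffic
SAMPLE = [
    "203.0.113.7 POST /general/login.php?session=false 302 0.21",
    "203.0.113.7 GET /approvals/deleteapprovalstages.php?id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 200 6.08",
    "198.51.100.4 GET /approvals/deleteapprovalstages.php?id=1%29+AND+SLEEP%286%29 302 0.05",
    "192.0.2.10 GET /approvals/deleteapprovalstages.php?id=12 200 7.40",
]
```

Calling `classify(SAMPLE)` separates the payload-bearing requests from the request that is merely slow, which is the false-positive case the last note describes; pass a different `slow_threshold` to tune it.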
No detection rules found.
Nuclei
WebTareas 2.4p5 - SQL Injection
nuclei·CVSS 9.8
CVE-2022-44290 [CRITICAL] WebTareas 2.4p5 - SQL Injection
Template:
```yaml
id: CVE-2022-44290
info:
  name: WebTareas 2.4p5 - SQL Injection
  author: theamanrawat
  severity: critical
  description: |
    webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.
  impact: |
    Authenticated attackers can execute time-based blind SQL injection through the id parameter in deleteapprovalstages.php, potentially extracting sensitive database information including task data, user credentials, and project information from WebTareas.
  remediation: |
    Update WebTareas to a version later than 2.4p5 that properly sanitizes and parameterizes the id parameter in dele
```
No writeups or analysis indexed.