CVE-2022-44291
Published 2022-12-02
CVE-2022-44291: webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.
Priority P260 | critical | 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 3.70% (88.4th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webtareas_project | webtareas | — | — |
Detection & IOCs (extracted from sources)
- url: /administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162
- path: /administration/phasesets.php
- cookie: webTareasSID
- command: id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162
- Time-based blind SQL injection detection: monitor for requests to phasesets.php with SLEEP() payloads in the id parameter causing response delays ≥6 seconds
- Successful exploitation results in an HTTP 302 redirect with an empty response body; correlate with prior authentication to /general/login.php and presence of webTareasSID session cookie
- Attack requires prior authentication; look for multipart/form-data POST to /general/login.php followed immediately by GET to /administration/phasesets.php with SQL injection in id parameter
- The SQL injection payload targets the mode=delete action on phasesets.php; alert on URL-encoded SQL keywords (SELECT, SLEEP, AND) in the id parameter of this endpoint
- The exploit requires valid credentials; the SQL injection is authenticated, so unauthenticated scanning will not trigger the vulnerability
- Detection relies on a response time threshold of ≥6 seconds (SLEEP(6)); network latency or server load may cause false positives or false negatives in time-based detection
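The detection notes above can be combined into a single log check. This is an added example, not code from the page or from the Nuclei template; the log layout (`ip "METHOD url" status bytes seconds`) and the sample lines are constructed assumptions, and the payload is the one quoted above in two encodings.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed log layout (constructed for this example): ip "METHOD url" status bytes seconds
LINE = re.compile(r'^(\S+) "(\S+) (\S+)" (\d{3}) (\d+) ([\d.]+)$')
SQL_TOKENS = re.compile(r"\b(select|sleep|and|or|union|benchmark)\b|[()'\";]", re.I)
SLOW_SECONDS = 6.0  # threshold named in the detection notes

# Constructed sample lines; the id payload is the one listed in the IOCs above.
SAMPLE_LOG = """\
10.0.0.5 "POST /general/login.php" 302 0 0.21
10.0.0.5 "GET /administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162" 302 0 6.04
10.0.0.9 "POST /general/login.php" 302 0 0.18
10.0.0.9 "GET /administration/phasesets.php?mode=delete&id=14" 302 0 0.09
10.0.0.7 "GET /administration/phasesets.php?mode=delete&id=1)%20AND%20(SELECT%203830%20FROM%20(SELECT(SLEEP(6)))MbGE)%20AND%20(6162=6162" 302 0 0.05
"""

def scan(log_text):
    """Return one finding per phasesets.php request whose id is not a plain integer."""
    logged_in, findings = set(), []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ip, method, url, status, size, secs = m.groups()
        parts = urlsplit(url)
        if method == "POST" and parts.path.endswith("/general/login.php"):
            logged_in.add(ip)  # remember clients that authenticated earlier
            continue
        if not parts.path.endswith("/administration/phasesets.php"):
            continue
        # parse_qs decodes %XX and '+', so URL-encoded keywords are matched too
        ids = parse_qs(parts.query, keep_blank_values=True).get("id", [])
        bad = [v for v in ids if not (v.isascii() and v.isdigit())]
        if not bad:
            continue
        findings.append({
            "ip": ip,
            "id": bad[0],
            "sql_tokens": bool(SQL_TOKENS.search(bad[0])),
            "after_login": ip in logged_in,
            # empty-bodied 302 that took at least the SLEEP(6) duration
            "delayed_302": status == "302" and size == "0" and float(secs) >= SLOW_SECONDS,
        })
    return findings
```

Alerting on the non-integer id alone avoids the latency-related false negatives of the timing threshold; `after_login` and `delayed_302` raise confidence that the request reached the vulnerable query.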
No detection rules found.
Nuclei
CVE-2022-44291 [CRITICAL] WebTareas 2.4p5 - SQL Injection (nuclei, CVSS 9.8)
Template:
```yaml
id: CVE-2022-44291

info:
  name: WebTareas 2.4p5 - SQL Injection
  author: theamanrawat
  severity: critical
  description: |
    webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.
  impact: |
    Authenticated attackers can execute time-based blind SQL injection through the id parameter in phasesets.php, potentially extracting sensitive database information including project phases, task data, and user credentials from WebTareas.
  remediation: |
    Update WebTareas to a version later than 2.4p5 that properly sanitizes and parameterizes the id parameter in phasesets.php.
  reference:
    - http://webtare
```
No writeups or analysis indexed.