cbcvebase.
CVE-2022-44291
published 2022-12-02

CVE-2022-44291: webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.

PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
3.70%
88.4th percentile
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.

Affected

1 ranges
VendorProductVersion rangeFixed in
webtareas_projectwebtareas

Detection & IOCsextracted from sources · hover to see the quote

url/administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162
path/administration/phasesets.php
cookiewebTareasSID
commandid=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162
  • Time-based blind SQL injection detection: monitor for requests to phasesets.php with SLEEP() payloads in the id parameter causing response delays ≥6 seconds
  • Successful exploitation results in an HTTP 302 redirect with an empty response body; correlate with prior authentication to /general/login.php and presence of webTareasSID session cookie
  • Attack requires prior authentication; look for multipart/form-data POST to /general/login.php followed immediately by GET to /administration/phasesets.php with SQL injection in id parameter
  • The SQL injection payload targets the mode=delete action on phasesets.php; alert on URL-encoded SQL keywords (SELECT, SLEEP, AND) in the id parameter of this endpoint
  • ·The exploit requires valid credentials; the SQL injection is authenticated, so unauthenticated scanning will not trigger the vulnerability
  • ·Detection relies on a response time threshold of ≥6 seconds (SLEEP(6)); network latency or server load may cause false positives or false negatives in time-based detection
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.