CVE-2022-46071
published 2022-12-14CVE-2022-46071: There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.
PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
4.31%
89.9th percentile
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| helmet_store_showroom_site_project | helmet_store_showroom_site | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect exploitation attempts by monitoring POST requests to /classes/Login.php?f=login containing SQL injection payloads such as OR 1=1 -- in the username parameter. ↗
- →A successful exploit results in an HTTP 200 response to GET /admin/ containing both 'Helmet Store' and 'Adminstrator Admin' in the response body — use this as a post-exploitation confirmation signature. ↗
- →The attack is a two-step sequence: (1) POST to /classes/Login.php?f=login with SQLi payload, followed by (2) GET /admin/ to verify admin access bypass — correlate both requests from the same source IP. ↗
- →Content-Type header 'application/x-www-form-urlencoded; charset=UTF-8' is used in the malicious login POST request; combined with the SQLi username pattern, this can be used for WAF/IDS rule tuning. ↗
- ·This vulnerability is specific to Helmet Store Showroom v1.0 (CPE: cpe:2.3:a:helmet_store_showroom_site_project:helmet_store_showroom_site:1.0). Detection rules should be scoped to this application version to avoid false positives. ↗
- ·The EPSS score is 0.75219 (98.882nd percentile), indicating very high likelihood of exploitation in the wild — prioritize detection and patching accordingly. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Helmet Store Showroom v1.0 - SQL Injection
nuclei·CVSS 9.8
CVE-2022-46071 [CRITICAL] Helmet Store Showroom v1.0 - SQL Injection
Helmet Store Showroom v1.0 - SQL Injection
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.
Template:
id: CVE-2022-46071
info:
name: Helmet Store Showroom v1.0 - SQL Injection
author: Harsh
severity: critical
description: |
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.
impact: |
Successful exploitation of this vulnerability could allow an attacker to extract sensitive information from the database.
remediation: |
Upgrade to the latest version to mitigate this vulnerability.
reference:
- https://yuyudhn.github.io/CVE-2022-46071/
- https://nvd.nist.gov/vuln/detail/CVE-2022-46071
classification:
cvss-metrics:
No writeups or analysis indexed.
2022-12-14
Published