CVE-2022-46071
published 2022-12-14

CVE-2022-46071: There is a SQL injection vulnerability in the login page of Helmet Store Showroom v1.0. It can be exploited to bypass authentication and gain admin access.
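To show why the login-page payload listed under the IOCs below works, here is an added example that is not code from this page or from the Helmet Store Showroom project. It assumes the login handler builds its query by string concatenation over a users table with username and password columns; the application's real query, schema and password handling are not shown here, and SQLite is used in place of MySQL only so the example runs offline.

```python
import sqlite3

# Constructed in-memory stand-in for the application's users table.
# Schema and rows are assumptions for this example, not the project's own.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, type INTEGER)"
    )
    conn.execute("INSERT INTO users VALUES (1, 'admin', 'S3cret!', 1)")
    conn.execute("INSERT INTO users VALUES (2, 'staff', 'hunter2', 2)")
    return conn


def login_vulnerable(conn, username, password):
    # Assumed vulnerable shape: user input is spliced into the SQL text.
    # The attacker's leading quote closes the username literal, OR 1=1 makes the
    # WHERE clause true for every row, and "-- -" comments out the password check.
    sql = (
        "SELECT id, username FROM users "
        f"WHERE username='{username}' AND password='{password}'"
    )
    return conn.execute(sql).fetchone()


def login_fixed(conn, username, password):
    # Hardened form: bound parameters keep the payload inside a string value,
    # so it is compared against the column rather than parsed as SQL.
    sql = "SELECT id, username FROM users WHERE username=? AND password=?"
    return conn.execute(sql, (username, password)).fetchone()


# Decoded form of the page's IOC payload: username='+OR+1%3D1+--+-
PAYLOAD_USERNAME = "' OR 1=1 -- -"


def demo():
    """Return (row from vulnerable login, row from fixed login, row for a real credential)."""
    conn = make_db()
    bypass = login_vulnerable(conn, PAYLOAD_USERNAME, "1234")   # first row: the admin
    blocked = login_fixed(conn, PAYLOAD_USERNAME, "1234")        # no row
    legit = login_fixed(conn, "admin", "S3cret!")                # still works
    return bypass, blocked, legit


if __name__ == "__main__":
    print(demo())
```

The vulnerable query returns the first matching row, which in a typical install is the administrator account created at setup; that is why a tautology in the username field alone is enough to land in /admin/.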

Priority: P258 · Severity: critical · CVSS 3.1 base score: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (network, low complexity, no privileges, no user interaction, unchanged scope, high confidentiality, integrity and availability impact)
Flags: EXPLOIT
EPSS: 4.31% (89.9th percentile)

Affected (1 range)

Vendor: helmet_store_showroom_site_project
Product: helmet_store_showroom_site
Version range: 1.0 (the only version named on this page)
Fixed in: no fixed version listed

Detection & IOCs (extracted from sources)

url: /classes/Login.php?f=login
path: /admin/
command (POST body): username='+OR+1%3D1+--+-&password=1234
  • Detect exploitation attempts by monitoring POST requests to /classes/Login.php?f=login whose username parameter carries a SQL injection payload such as ' OR 1=1 -- - (URL-encoded: '+OR+1%3D1+--+-). The payload travels in the request body, so a plain web-server access log will not show it; body inspection at a WAF, reverse proxy or application log is needed.
  • A successful exploit results in an HTTP 200 response to GET /admin/ whose body contains both 'Helmet Store' and 'Adminstrator Admin' (strings as quoted in the source); use this as a post-exploitation confirmation signature.
  • The attack is a two-step sequence: (1) POST to /classes/Login.php?f=login with the SQLi payload, followed by (2) GET /admin/ to verify the admin access bypass. Correlate both requests from the same source IP within a short window.
  • The malicious login POST uses the Content-Type header 'application/x-www-form-urlencoded; charset=UTF-8'. A legitimate browser or AJAX login sends the same header, so use it together with the SQLi username pattern for WAF/IDS rule tuning, not on its own.
  • This vulnerability is specific to Helmet Store Showroom v1.0 (CPE: cpe:2.3:a:helmet_store_showroom_site_project:helmet_store_showroom_site:1.0). Scope detection rules to this application to avoid false positives.
  • The extracted source cites an EPSS score of 0.75219 (98.882nd percentile), indicating a very high likelihood of exploitation in the wild; the header above shows a different value of 4.31% (89.9th percentile). EPSS is recomputed daily, so re-check the current score before prioritizing, but an unauthenticated admin bypass with a public exploit warrants high priority regardless.
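The two-step correlation described in the bullets above, written out as an added example that is not part of the original page. It assumes a JSON-lines log from a reverse proxy or WAF that records the POST body and a snippet of the response body alongside the usual request fields; that log format, its field names and the sample lines are constructed for this example, not a real product's output.

```python
import json
import re
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Constructed sample log: one JSON object per request. Field names (ts, src_ip,
# method, uri, status, content_type, body, resp_body) are assumptions for this
# example; the two markers in resp_body are the strings quoted in the source above.
SAMPLE_LOG = r"""
{"ts": "2022-12-14T10:00:00", "src_ip": "10.0.0.5", "method": "POST", "uri": "/classes/Login.php?f=login", "status": 200, "content_type": "application/x-www-form-urlencoded; charset=UTF-8", "body": "username=%27+OR+1%3D1+--+-&password=1234", "resp_body": "success"}
{"ts": "2022-12-14T10:00:02", "src_ip": "10.0.0.5", "method": "GET", "uri": "/admin/", "status": 200, "content_type": "", "body": "", "resp_body": "<title>Helmet Store</title> ... Adminstrator Admin ..."}
{"ts": "2022-12-14T10:01:00", "src_ip": "192.0.2.7", "method": "POST", "uri": "/classes/Login.php?f=login", "status": 200, "content_type": "application/x-www-form-urlencoded; charset=UTF-8", "body": "username=alice&password=wrongpw", "resp_body": "Incorrect username or password"}
{"ts": "2022-12-14T10:01:03", "src_ip": "192.0.2.7", "method": "GET", "uri": "/admin/", "status": 302, "content_type": "", "body": "", "resp_body": ""}
{"ts": "2022-12-14T10:05:00", "src_ip": "10.0.0.9", "method": "POST", "uri": "/classes/Login.php?f=login", "status": 200, "content_type": "application/x-www-form-urlencoded; charset=UTF-8", "body": "username=%27+OR+1%3D1+--+-&password=x", "resp_body": ""}
{"ts": "2022-12-14T10:15:00", "src_ip": "10.0.0.9", "method": "GET", "uri": "/admin/", "status": 200, "content_type": "", "body": "", "resp_body": "<title>Helmet Store</title>"}
"""

LOGIN_PATH = "/classes/Login.php"
ADMIN_PATH = "/admin/"
SUCCESS_MARKERS = ("Helmet Store", "Adminstrator Admin")

# A quote that closes the string literal, followed by an OR/AND clause that
# reaches a comparison or an SQL comment. Catches ' OR 1=1 -- - and variants
# without firing on apostrophes in ordinary names such as o'brien.
SQLI_RE = re.compile(r"'\s*(?:or|and)\b[^;]*?(?:=|--|#|/\*)", re.I)


def parse_log(text):
    entries = [json.loads(line) for line in text.strip().splitlines() if line.strip()]
    for e in entries:
        e["ts"] = datetime.fromisoformat(e["ts"])
    return entries


def is_sqli_login_post(e):
    """Step 1: POST to the login action with an injection payload in username."""
    u = urlsplit(e["uri"])
    if e["method"] != "POST" or u.path != LOGIN_PATH:
        return False
    if parse_qs(u.query).get("f") != ["login"]:
        return False
    username = parse_qs(e["body"]).get("username", [""])[0]  # parse_qs URL-decodes
    return bool(SQLI_RE.search(username))


def is_admin_hit(e):
    """Step 2: GET /admin/ that was actually served (200), not redirected to login."""
    return e["method"] == "GET" and urlsplit(e["uri"]).path == ADMIN_PATH and e["status"] == 200


def correlate(entries, window_s=60):
    """Pair each SQLi login POST with a later /admin/ 200 from the same source IP."""
    alerts = []
    entries = sorted(entries, key=lambda e: e["ts"])
    for i, e in enumerate(entries):
        if not is_sqli_login_post(e):
            continue
        verdict = "payload_only"
        for f in entries[i + 1:]:
            if (f["ts"] - e["ts"]).total_seconds() > window_s:
                break
            if f["src_ip"] != e["src_ip"] or not is_admin_hit(f):
                continue
            body = f.get("resp_body", "")
            verdict = "bypass_confirmed" if all(m in body for m in SUCCESS_MARKERS) else "bypass_suspected"
            break
        alerts.append({"src_ip": e["src_ip"], "ts": e["ts"].isoformat(), "verdict": verdict})
    return alerts


def run():
    return correlate(parse_log(SAMPLE_LOG))


if __name__ == "__main__":
    for a in run():
        print(a)
```

With the constructed log, 10.0.0.5 is reported as bypass_confirmed (payload, then /admin/ 200 carrying both markers within 2 s), the benign login from 192.0.2.7 produces nothing, and 10.0.0.9 is payload_only because its /admin/ request falls outside the 60-second window; widen window_s if your sessions are long-lived, and keep the response-body markers optional since most proxies do not log them.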