
Vulnerability Confirmed by Dependency Walker

This vulnerability was discovered by a member of the Cisco Talos Intelligence and Research Group.

Vulnerability: Admin/Modify1.php Input Validation Failure

An attacker can leverage this vulnerability to execute arbitrary SQL commands against the affected system. An attacker exploiting this vulnerability can install applications, view data, hijack email, and more. System administrators should review the id parameter on all admin/modify1.php pages in System v1.0.1 to ensure it is not being used to inject content. In addition, System v1.0.1 was discovered to be vulnerable to a cross-site request forgery (CSRF) attack at /admin/modify1.php via the id parameter. An attacker could exploit this CSRF to hijack the login of another user or to perform other unwanted actions on the System v1.0.1 installation. It is recommended that System administrators promptly apply the patch.
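Both findings above, SQL injection and CSRF through the id parameter of admin/modify1.php, come down to the same two missing controls: a parameterised query and a request-origin check. The following PHP handler is an added illustration of the hardened form; it is not System v1.0.1's own code, and the table, column and helper names are assumptions.

```php
<?php
// Added illustration, not System v1.0.1's own code: a hypothetical handler for
// admin/modify1.php covering both findings, SQL injection and CSRF via `id`.
// Weak pattern (what the advisory describes, do not use): the raw `id` string
// concatenated into a query, and a state change with no request-origin check.
// Hardened form: a session-bound CSRF token plus a prepared statement that binds
// `id` as an integer. Table and column names below are assumptions.
session_start();

// Issue a per-session CSRF token (hypothetical helper name).
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// hash_equals() compares in constant time, so the check does not leak by timing.
function csrf_valid($submitted): bool {
    return is_string($submitted) && isset($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

$pdo = new PDO('mysql:host=localhost;dbname=system', 'user', 'pass', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares
]);

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // 1. State changes only on POST carrying a valid CSRF token.
    if (!csrf_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('invalid CSRF token');
    }
    // 2. Reject anything that is not a positive integer before it reaches SQL.
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false || $id === null) {
        http_response_code(400);
        exit('id must be a positive integer');
    }
    // 3. Bind `id` as a parameter instead of interpolating it into the query.
    $stmt = $pdo->prepare('UPDATE items SET name = :name WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->bindValue(':name', (string) ($_POST['name'] ?? ''), PDO::PARAM_STR);
    $stmt->execute();
}
?>
<form method="post" action="/admin/modify1.php">
  <input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') ?>">
  <input type="number" name="id" min="1"> <input name="name"> <button>Modify</button>
</form>
```

A review of the real modify1.php should confirm the same two properties: `id` never reaches the query as a string, and no write happens on a request that lacks a valid session-bound token.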
Acknowledgements

Representative Carl Wilson stated the following regarding the discovery of this issue:
“The CVE notice I sent out today contains information that is preliminary and incomplete because we are still working through our logs and gathering additional details.”

Timeline

Published on: 08/25/2022 22:15:00 UTC
Last modified on: 08/27/2022 02:30:00 UTC
