CVE-2022-31352

Name of the Vulnerable Software and Affected Versions Online Car Wash Booking System version 1.0

Description The issue concerns a SQL injection in the /ocwbs/admin/services/manage service.php endpoint, specifically with the id parameter. This allows for potential unauthorized access and manipulation of data. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations For Online Car Wash Booking System version 1.0, as a temporary workaround, consider restricting access to the /ocwbs/admin/services/manage service.php endpoint until a patch is available. Avoid using the id parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.