CVE-2022-28346

Please specify Django version

Open PunitTailor55 opened this issue 2 years ago • 1 comments

I have tried your code on Django 4.0.4. The vulnerability is not working. It is showing an error: column aliases cannot contain whitespace characters, quotation marks, semicolon, or SQL comments.

Django version: 4.0.4
Python version: 3.9.6

Payload : http://127.0.0.1:8000/demo/?field=demo.name%22%20FROM%20%22demo_user%22%20union%20SELECT%20%221%22,sqlite_version(),%223%22%20--


PunitTailor55 avatar May 01 '22 10:05 PunitTailor55

@PunitTailor55 I'm using Django 3.2.11; a Docker container is being made.

DeEpinGh0st avatar May 01 '22 14:05 DeEpinGh0st
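Why the request in the report is rejected on Django 4.0.4, shown as an added example that is not part of the issue thread or the repository's code: the decoded `field` value is checked against the token classes named in the quoted error. The regex is built from that error text and is an assumption, not Django's source; `ALLOWED_FIELDS` and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: derived from the error text quoted in the report
# (whitespace, quotation marks, semicolon, SQL comments).
FORBIDDEN_ALIAS = re.compile(r"""['"`;\s]|--|/\*|\*/""")

# Hypothetical allowlist of values the demo view would accept for "field".
ALLOWED_FIELDS = {"name", "demo.name"}

# Request URL exactly as quoted in the report above.
REPORTED_URL = (
    "http://127.0.0.1:8000/demo/?field=demo.name%22%20FROM%20%22demo_user"
    "%22%20union%20SELECT%20%221%22,sqlite_version(),%223%22%20--"
)


def extract_field(url):
    """Return the percent-decoded 'field' query parameter, or None."""
    values = parse_qs(urlsplit(url).query).get("field")
    return values[0] if values else None


def alias_violations(alias):
    """Return the distinct forbidden tokens present in a proposed alias."""
    return sorted({m.group(0) for m in FORBIDDEN_ALIAS.finditer(alias)})


def check_field(url, allowed=ALLOWED_FIELDS):
    """Decide whether a request's 'field' value may be used as a column alias."""
    field = extract_field(url)
    if field is None:
        return ("reject", "missing field")
    bad = alias_violations(field)
    if bad:
        return ("reject", "forbidden tokens: " + ", ".join(repr(t) for t in bad))
    # Pattern checks are a backstop; an allowlist is the primary control.
    if field not in allowed:
        return ("reject", "not in allowlist")
    return ("accept", field)


if __name__ == "__main__":
    print(repr(extract_field(REPORTED_URL)))
    print(check_field(REPORTED_URL))
    print(check_field("http://127.0.0.1:8000/demo/?field=name"))
```

The same check works as a log-review filter: any request whose decoded `field` value yields violations was never a legitimate column name.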