CVE-2022-28346

This repository contains a working proof-of-concept for CVE-2022-28346, demonstrating a SQL injection vulnerability in Django's QuerySet.annotate() method. The exploit allows arbitrary SQL execution via crafted input to the 'field' parameter.

This repository contains a working proof-of-concept for CVE-2022-28346, demonstrating SQL injection in Django's QuerySet.annotate() and aggregate() methods. The exploit is set up via Docker and includes a vulnerable Django application to showcase the vulnerability.

This repository contains a Django project demonstrating CVE-2022-28346, a SQL injection vulnerability in Django's QuerySet methods. It includes a Docker setup for testing the exploit.

This repository contains a Django-based PoC for CVE-2022-28346, demonstrating a SQL injection vulnerability in Django's QuerySet.annotate(), aggregate(), and extra() methods. The PoC includes a Django project with a vulnerable endpoint that can be exploited using a crafted SQL injection payload.