Django 3.2-3.2.14 - SQL Injection via Trunc() and Extract() Database Functions
Exploitation Summary
EIP tracks 6 public exploits for CVE-2022-34265. PoCs published by aeyesec, ZhaoQi99, traumatising. A Nuclei detection template is also available.
AI-analyzed exploit summary: This repository contains a functional proof-of-concept for CVE-2022-34265, demonstrating SQL injection in Django's Trunc and Extract functions via crafted HTTP requests. The PoC includes a Dockerized environment with vulnerable Django 4.0.5 and PostgreSQL, along with test cases to verify the exploit.
Description
An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.
Exploits (6)
This repository contains a functional proof-of-concept for CVE-2022-34265, demonstrating SQL injection in Django's Trunc and Extract functions via crafted HTTP requests. The PoC includes a Dockerized environment with vulnerable Django 4.0.5 and PostgreSQL, along with test cases to verify the exploit.
This repository contains a functional proof-of-concept for CVE-2022-34265, a SQL injection vulnerability in Django's `Trunc()` and `Extract()` database functions. It includes a Dockerized Django application with vulnerable endpoints and payloads to demonstrate the exploit.
This repository contains a functional Django application demonstrating CVE-2022-34265, a SQL injection vulnerability in Django's Trunc and Extract functions. The PoC includes vulnerable views that directly pass user-controlled input to these functions, allowing arbitrary SQL execution.
This repository provides a functional Django application demonstrating CVE-2022-34265, a SQL injection vulnerability in Django's `Trunc()` and `Extract()` database functions. It includes a Dockerized environment and example payloads to exploit the vulnerability via crafted HTTP requests.
This repository contains a functional proof-of-concept for CVE-2022-34265, a SQL injection vulnerability in Django's `Trunc()` and `Extract()` database functions. It includes a Dockerized Django application with vulnerable endpoints (`/extract/` and `/trunc/`) and provides payloads to exploit the vulnerability.
This repository contains a functional Django application demonstrating CVE-2022-34265, a SQL injection vulnerability in Django's Trunc and Extract functions. The PoC includes vulnerable views that allow arbitrary SQL execution via user-controlled input in the 'kind' and 'lookup_name' parameters.
Nuclei Templates (1)
References (7)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H