aaronxu/vulhub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
vulhub/django/CVE-2022-34265
History
Aaron 63285f61aa
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Details
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Details
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Details
Vulhub Docker Image CI / images-test (push) Has been cancelled
Details
first commit
2025-09-06 16:08:15 +08:00
..
web
first commit
2025-09-06 16:08:15 +08:00
1.png
first commit
2025-09-06 16:08:15 +08:00
2.png
first commit
2025-09-06 16:08:15 +08:00
docker-compose.yml
first commit
2025-09-06 16:08:15 +08:00
docker-entrypoint.sh
first commit
2025-09-06 16:08:15 +08:00
README.md
first commit
2025-09-06 16:08:15 +08:00
README.zh-cn.md
first commit
2025-09-06 16:08:15 +08:00

README.md

Django Trunc(kind) and Extract(lookup_name) SQL Injection (CVE-2022-34265)

中文版本(Chinese version)

Django is a high-level Python web framework that encourages rapid development and clean, pragmatic design.

Django released a security update on July 4, 2022, which fixes a SQL injection vulnerability in the Trunc() and Extract() database functions. This vulnerability affects Django versions before 4.0.6, 3.2.14.

References:

Environment Setup

Execute the following command to start a vulnerable Django 4.0.5 server:

docker compose up -d

After the server is started, you can access the web page at http://your-ip:8000.

Vulnerability Reproduction

The web application uses the Trunc function to aggregate page click counts by datetime. Visit http://your-ip:8000/?date=minute to see the number of clicks per minute:

To exploit the SQL injection vulnerability, modify the date parameter with malicious input:

http://your-ip:8000/?date=xxxx'xxxx

The SQL error message will be displayed, confirming the successful injection: