{"vulnerability": "CVE-2022-34265", "sightings": [{"uuid": "e0db155c-87f4-4ee0-bcb7-8240cd5fc3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3041", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-34265\nURL\uff1ahttps://github.com/ZhaoQi99/CVE-2022-34265\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-25T13:31:32.000000Z"}, {"uuid": "6ec56053-285c-464c-8da8-508b02b5533f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/BleepingComputer/12627", "content": "Latest news and stories from BleepingComputer.com\nDjango fixes SQL Injection vulnerability in new releases\n\nDjango, an\u00a0open source Python-based web framework has patched a high severity vulnerability in its latest releases.\nTracked as\u00a0CVE-2022-34265, the potential SQL Injection vulnerability impacts\u00a0Django's main branch, and versions\u00a04.1 (currently in beta),\u00a04.0, and\u00a03.2, with patches and new releases issued fixing the vulnerability. [...]", "creation_timestamp": "2022-07-04T16:14:14.000000Z"}, {"uuid": "6396f254-73ee-4b11-bc13-82daa409afcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/BleepingComputer/12625", "content": "Django fixes SQL Injection vulnerability in new releases\n\nDjango, an\u00a0open source Python-based web framework has patched a high severity vulnerability in its latest releases.\nTracked as\u00a0CVE-2022-34265, the potential SQL Injection vulnerability impacts\u00a0Django's main branch, and versions\u00a04.1 (currently in beta),\u00a04.0, and\u00a03.2, with patches and new releases issued fixing the vulnerability. [...]\n\nhttps://www.bleepingcomputer.com/news/security/django-fixes-sql-injection-vulnerability-in-new-releases/", "creation_timestamp": "2022-07-04T11:18:04.000000Z"}, {"uuid": "1130a231-457a-48fe-adfa-036aa3ddb2fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2678", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aoC verification of Django vulnerability (CVE-2022-34265)\nURL\uff1ahttps://github.com/NopFault/CVE-2022-34265\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-11T12:06:03.000000Z"}, {"uuid": "326920f9-1f69-4856-98e3-e9b48a8190d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/habr_com_news/7585", "content": "\u200b\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Django \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e SQL-\u043a\u043e\u0434\u0430\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Django 4.0.6 \u0438 3.2.14, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-34265. \u041e\u043d\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0441\u0432\u043e\u0435\u0433\u043e SQL-\u043a\u043e\u0434\u0430.\u00a0\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2022-07-05T08:11:49.000000Z"}, {"uuid": "e710caab-9059-47b4-8261-c4a7291b2fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2704", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-34265 Vulnerability \nURL\uff1ahttps://github.com/not-xences/CVE-2022-34265\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-13T13:08:32.000000Z"}, {"uuid": "3eef4049-4d73-4681-907a-04f602cdac06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2668", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-34265 (Django)\nURL\uff1ahttps://github.com/aeyesec/CVE-2022-34265\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-09T06:47:33.000000Z"}, {"uuid": "8871c4b4-dec4-4b99-ba1d-e5cdd7680145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3045", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-34265\nURL\uff1ahttps://github.com/MuChaTOO/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-26T05:11:42.000000Z"}, {"uuid": "60f88c8f-1316-4c58-b907-38ade7261e73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/codeby_sec/6193", "content": "\u200b\ud83d\udc89 \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Python-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Django \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e SQL-\u043a\u043e\u0434\u0430\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Django 4.0.6 \u0438 3.2.14, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-34265. \u041e\u043d\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e SQL-\u043a\u043e\u0434\u0430.\n\n\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL Injection \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0432\u0435\u0442\u043a\u0435 Django, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 4.1 (\u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0431\u0435\u0442\u0430-\u0432\u0435\u0440\u0441\u0438\u0438), 4.0 \u0438 3.2. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u0445 kind \u0438 lookup_name, \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Trunc(kind) \u0438 Extract(lookup_name). \u0422\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f\u0445 lookup_name \u0438 kind, \u043d\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 Extract \u0438 Trunc \u0441\u0438\u043c\u0432\u043e\u043b\u044b, \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0435 \u043e\u0442 \u0431\u0443\u043a\u0432, \u0446\u0438\u0444\u0440 \u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432. \u0420\u0430\u043d\u0435\u0435, \u0432 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f\u0445 \u043d\u0435 \u0432\u044b\u0440\u0435\u0437\u0430\u043b\u0430\u0441\u044c \u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430, \u0438 \u044d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0441\u0432\u043e\u0438 SQL-\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438.\n\n\u0412 \u0432\u0435\u0440\u0441\u0438\u0438 4.1 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0438\u043b\u044f\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0434\u0430\u0442\u0430\u043c\u0438. \u041e\u0434\u043d\u0430\u043a\u043e, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 API \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u043c\u0438 \u0431\u044d\u043a\u0435\u043d\u0434\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\uddde \u0411\u043b\u043e\u0433 \u041a\u043e\u0434\u0435\u0431\u0430\u0439\n\n#news #python #web", "creation_timestamp": "2022-07-05T11:48:06.000000Z"}, {"uuid": "9c4087f6-cd46-4021-8d2b-3a4a8199fb55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/poxek/2422", "content": "#CVE #POC\n\nExploit for SQL Injection in Django\nCVE-2022-34265\n\nAn issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.", "creation_timestamp": "2022-09-01T13:00:04.000000Z"}, {"uuid": "675c89e6-750f-424f-95e4-adb5bac15679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/310", "content": "CVE-2022-34265 : PoC verification of Django 4.0 , 3.2 SQL Injection vulnerability https://github.com/aeyesec/CVE-2022-34265", "creation_timestamp": "2022-07-07T22:09:18.000000Z"}, {"uuid": "d4015075-41a3-4543-985f-e106af12dc51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "Telegram/GD5qiq8Yh63VBupkG3KSjV9OuHErr4ZdzzhP_utm5c_UDQ", "content": "", "creation_timestamp": "2022-07-08T10:43:17.000000Z"}, {"uuid": "c48a4ba3-0e82-4579-acc2-0df439039aef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "Telegram/rfWDoGaNaMufnl77UP3PFo2yOvqIc_JZ3bMQvqUlQ6t9dg", "content": "", "creation_timestamp": "2022-07-07T16:19:18.000000Z"}, {"uuid": "2979635a-cd9b-4826-9d62-641e70604160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/arpsyndicate/4392", "content": "#ExploitObserverAlert\n\nCVE-2022-34265\n\nDESCRIPTION: Exploit Observer has 47 entries in 9 file formats related to CVE-2022-34265. An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.\n\nFIRST-EPSS: 0.117370000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-04-09T05:15:10.000000Z"}, {"uuid": "3c311a59-7a7f-4de9-8699-96e27ea2f29a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2463", "content": "#Tools \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bBokuLoader\n\nCobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.\n\nhttps://github.com/xforcered/BokuLoader\n\n#loader #cs #evasion #av #cobalt\n\n\u200b\u200bSparrow-WiFi\n\nSparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. \n\nIn its most comprehensive use cases, sparrow-wifi integrates wifi, software-defined radio (hackrf), advanced bluetooth tools (traditional and Ubertooth), traditional GPS (via gpsd), and drone/rover GPS via mavlink in one solution.\n\nhttps://github.com/ghostop14/sparrow-wifi\n\n\u200b\u200bReverseShell\n\nA reverseshell for Linux. Written In Python3. \n\nhttps://github.com/Keyj33k/ReverseShell\n\n\u200b\u200bGPU_ShellCode\n\ngpu poisoning; hide the payload inside the gpu memory.\n\nafter my older repo, in which i used the thread description to hide the payload, i wanted to find new way, so now im using nividia gpu memory using cuda api's to allocate, write, and free when there is no need for the payload to be found in memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\n\u200b\u200bPapaya\n\n#NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions. \n\nPapaya is a tool to test if a #MongoDB/NoSQL-based web application is vulnerable to a basic NoSQL injection on POST login forms, including tests for password and username extraction.\n\nhttps://github.com/eversinc33/Papaya\n\n\u200b\u200bSecurity Bugs\n\nFull disclosures for CVE ids, proofs of concept, exploits, 0day bugs and so on.  Microsoft Internet Explorer 11 (protected mode off) & Adobe Acrobat Reader DC ActiveX\n\nhttps://github.com/j00sean/SecBugs\n\nCVE-2022-34265\n\nPoC verification of Django vulnerability \n\nA vulnerability (CVE-2022-34265) in Django was disclosed on July 5, 2022 (US time). This article describes our discussion of this vulnerability and the results of our verification.\n\nhttps://github.com/aeyesec/CVE-2022-34265\n\n\u200b\u200bCrackQL\n\nA GraphQL password brute-force and fuzzing utility.\n\nCrackQL is a versatile GraphQL penetration testing tool that exploits poor rate-limit and cost analysis controls to brute-force credentials and fuzz operations.\n\nhttps://github.com/nicholasaleks/CrackQL\n\n\u200b\u200bAwesome-web3-Security\n\nA curated list of web3 Security materials and resources For Pentesters and Bug Hunters.\n\nhttps://github.com/Anugrahsr/Awesome-web3-Security\n\n\u200b\u200bGadgetToJScript\n\nA tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA scripts.\n\nThe current gadget triggers a call to Activator.CreateInstance() when deserialized using BinaryFormatter from jscript/vbscript/vba, this means it can be used to trigger execution of your .NET assembly of choice via the default/public constructor.\n\nThe tool was created mainly for automating WSH scripts weaponization for RT engagements (Initial Access, Lateral Movement, Persistence), the shellcode loader which was used for PoC is removed and replaced by an example assembly implemented in the TestAssembly project.\n\nhttps://github.com/med0x2e/GadgetToJScript\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-03-13T07:34:06.000000Z"}, {"uuid": "dab007e2-d0e4-4b94-bf0e-2b1500469ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/proxy_bar/911", "content": "Django vuln\nCVE-2022-34265\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432 \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a  \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445.\n=======\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438\nDjango 3.2.x prior to 3.2.14\nDjango 4.0.x prior to 4.0.6\n=======\nPOC\n\n#exploit #django", "creation_timestamp": "2022-07-07T15:52:22.000000Z"}, {"uuid": "36abb5de-224c-4616-98ab-a1737a58e7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/15021", "content": "https://github.com/aeyesec/CVE-2022-34265", "creation_timestamp": "2022-07-13T04:46:59.000000Z"}, {"uuid": "d6317656-e640-4d80-b288-542effa905f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/true_secator/3131", "content": "\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Django Software Foundation \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u043d\u043e\u0432\u044b\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445\u00a0Django 4.0.6 \u0438 Django 3.2.14.\n\n\u0412\u044b\u0441\u043e\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0439 \u0432\u0435\u0431-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Python \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u043b\u0443\u0447\u0448\u0438\u043c \u0432 \u0441\u0432\u043e\u0435\u043c \u0440\u043e\u0434\u0435. \u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e Django \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 11 \u0442\u044b\u0441. \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0438\u0437 166 \u0441\u0442\u0440\u0430\u043d \u043c\u0438\u0440\u0430. \n\n\u041f\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043e\u0446\u0435\u043d\u043a\u0430\u043c, \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u0442\u044b\u0441\u044f\u0447 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432 \u0432\u044b\u0431\u0438\u0440\u0430\u044e\u04422.14.\n\n\u0412\u044b\u0441\u043e\u043a\u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0432\u043e\u0435\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Model-Template-View. Django \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0441\u0430\u0439\u0442\u0430\u0445 Instagram, Disqus, Mozilla, The Washington Times, Pinterest, YouTube, Google \u0438 \u0434\u0440.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-34265 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL Injection \u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0432\u0435\u0442\u043a\u0435 Django, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 4.1 (\u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0431\u0435\u0442\u0430-\u0432\u0435\u0440\u0441\u0438\u0438), 4.0 \u0438 3.2.\u00a0\u041e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0422\u0430\u043a\u0443\u0442\u043e \u0419\u043e\u0448\u0438\u043a\u0430\u0439 \u0438\u0437 Aeye Security Lab.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Django \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 Trunc (kind) \u0438 Extract (lookup_name).\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c, \u0435\u0441\u043b\u0438 \u043e\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u0430\u043a\u0443\u044e-\u043b\u0438\u0431\u043e \u043e\u0447\u0438\u0441\u0442\u043a\u0443 \u0432\u0432\u043e\u0434\u0430 \u0438\u043b\u0438 \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u0434 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0435\u0439 \u044d\u0442\u0438\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 Trunc \u0438 Extract.\n\nDjango Software Foundation \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u044c \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e Django 4.0.6 \u0438\u043b\u0438 3.2.14, \u043b\u0438\u0431\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043a \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0432\u0435\u0440\u0441\u0438\u044f\u043c: main branch, 4.1 release branch, 4.0 release branch \u0438\u043b\u0438 3.2 release branch.", "creation_timestamp": "2022-07-05T13:05:05.000000Z"}, {"uuid": "0dc10353-8f23-4c80-b6e3-e803613c9a87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/14721", "content": "https://github.com/aeyesec/CVE-2022-34265", "creation_timestamp": "2022-07-07T21:11:11.000000Z"}, {"uuid": "5f79c338-8f90-465f-908b-706f3fc398a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/807", "content": "Today's Updates\n\n1. Koh: The Token Stealer\n2. Slient-Doc-Pdf-Exploit-Builder-Fud-Malware-Cve\n3. CVE-2022-34265 - PoC verification of Django vulnerability\n4. Papaya - NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions.\n5. New Stable Mirror for Tor2Door Exploring\n6. indonesianship.com Leak\n7. Arbitech.com Leak\n8. CVE-2022-0847 SUID Shell Backdoor\n9. Sql injection tutorial\n10. SMTP Connections\n\nAll Updates are on \ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb https://forum.hackbyte.org", "creation_timestamp": "2022-07-08T15:29:04.000000Z"}, {"uuid": "db21bec4-0746-435c-b49b-5e1cd350f4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/cibsecurity/45572", "content": "\u203c CVE-2022-34265 \u203c\n\nAn issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-04T22:31:25.000000Z"}, {"uuid": "2dae7fbe-4efd-4f33-898e-166acf21090c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/835", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccBianLian \u2013 Ransomware\n\ud83d\udcccPoC for CVE-2022-34265 (Django)\n\ud83d\udcccFUGIO - Automatic Exploit Generation for PHP Object Injection Vulnerabilities\n\ud83d\udcccRCE and Domain Admin privilege escalation for Mailcow\n\ud83d\udcccFTP-Inspector\n\ud83d\udcccCVE-2022-24934\n\ud83d\udcccOctopusWAF\n\ud83d\udcccVernet - Network Analyzer and Monitoring Tool\n\ud83d\udcccUAParser.js\n\ud83d\udcccJSshell\n\ud83d\udcccSXSS is A CLI toolkit to detect and keep track of Blind XSS\n\ud83d\udcccPantheon-HVNC-V2-Source-leaked\n\ud83d\udcccNeurotoxin - Durable #Backdoors in Federated Learning.\n\ud83d\udcccBitRAT\n\ud83d\udcccS-500 G2-Pro-HVNC-Rat-Source-leaked\n\ud83d\udcccCVE-2021-23017-PoC\n\ud83d\udcccHiveV5 keystream decryptor PoC\n\ud83d\udcccPakistan Taxpayers List\n\ud83d\udcccfoodco.us Leak\n\ud83d\udccc774k USA SCHOOL DETAILS\n\ud83d\udcccPrivFu/PrivilegedOperations.\n\ud83d\udcccTOP 21 Remote Code Execution Exploit\u2019s #RCE\n\ud83d\udcccFrom cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud\n\ud83d\udcccRetbleed: Arbitrary Speculative Code Execution with Return Instructions\n\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-13T11:23:38.000000Z"}, {"uuid": "0a707fdf-962c-426a-a66f-edba0d152388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/806", "content": "https://github.com/aeyesec/CVE-2022-34265", "creation_timestamp": "2022-07-08T02:39:25.000000Z"}, {"uuid": "16a0e721-0ed9-4d48-98af-0774ad660c7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "Telegram/EyIbpt-47A6QSj4CbzgegPmXuFN5uRCh0M79kvomsJFU", "content": "", "creation_timestamp": "2022-07-11T21:22:04.000000Z"}, {"uuid": "b0ed4837-6587-4e6a-a560-9071bfb0dd98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6356", "content": "#exploit\n1. CVE-2022-30164:\nKerberos KerbRetrieveEncodedTicketMessage AppContainer EoP\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2273\n\n2. CVE-2022-34265:\nDjango Trunc/Extract vulnerability\nhttps://github.com/aeyesec/CVE-2022-34265", "creation_timestamp": "2022-07-08T11:05:13.000000Z"}, {"uuid": "61dab311-356a-44b7-9357-bb7c4339d0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34265", "type": "seen", "source": "https://t.me/xakep_ru/12592", "content": "\u0412 Django \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0431\u0430\u0433, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0438\u0439 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Django \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0432\u043e\u0435\u043c \u043a\u043e\u0434\u0435. \u0411\u0430\u0433 \u0441 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-34265 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0432\u0435\u0442\u043a\u0435 Django, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 4.1 (\u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0431\u0435\u0442\u0430-\u0432\u0435\u0440\u0441\u0438\u0438), 4.0 \u0438 3.2.\n\nhttps://xakep.ru/2022/07/05/django-sql-injection/", "creation_timestamp": "2022-07-05T20:09:07.000000Z"}]}