{"vulnerability": "CVE-2023-28424", "sightings": [{"uuid": "ecf3bcd2-227e-4190-b1d6-d2bb7c1db177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28424", "type": "seen", "source": "https://t.me/cibsecurity/60309", "content": "\u203c CVE-2023-28424 \u203c\n\nSoko is the code that powers packages.gentoo.org. Prior to version 1.0.2, the two package search handlers, `Search` and `SearchFeed`, implemented in `pkg/app/handler/packages/search.go`, are affected by a SQL injection via the `q` parameter. As a result, unauthenticated attackers can execute arbitrary SQL queries on `https://packages.gentoo.org/`. It was also demonstrated that this primitive was enough to gain code execution in the context of the PostgreSQL container. The issue was addressed in commit `4fa6e4b619c0362728955b6ec56eab0e0cbf1e23y` of version 1.0.2 using prepared statements to interpolate user-controlled data in SQL queries.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-20T16:54:01.000000Z"}, {"uuid": "5377bca8-e197-4c79-ac1a-4a02c7c92a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28424", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4725", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: CVE-2023-28424\nURL: https://github.com/Fire-Null/CVE-2023-28424\n\nTag: #CVE-2023", "creation_timestamp": "2023-07-11T13:41:26.000000Z"}, {"uuid": "aa05f64b-9e32-420b-bf7a-fadeffb88ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28424", "type": "seen", "source": "Telegram/YPSFRJaXJu22SzL-lnmgNittGl2SN26SC5hMmH64EzvAW7E", "content": "", 
"creation_timestamp": "2023-06-28T15:51:20.000000Z"}, {"uuid": "7e50a019-70b3-4ec8-85ca-2d47c998dfee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28424", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8632", "content": "#Threat_Research\nSQL Injections in Soko:\nWhy ORMs and Prepared Statements Can't (Always) Win (CVE-2023-28424)\nhttps://www.sonarsource.com/blog/why-orms-and-prepared-statements-cant-always-win", "creation_timestamp": "2023-07-08T12:47:01.000000Z"}]}