Published: 03/02/2020 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 670

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Django 1.11 prior to 1.11.28, 2.2 prior to 2.2.10, and 3.0 prior to 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
djangoproject django

Debian Bug report logs - #950581 python-django: CVE-2020-7471: Potential SQL injection via StringAgg(delimiter) Package: src:python-django; Maintainer for src:python-django is Debian Python Modules Team <python-modules-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 3 F ...

Django could be vulnerable to SQL injection attacks ...

Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module A remote attacker could leverage this to perform SQL injection attacks For the oldstable distribution (stretch), this problem has been fixed in version 1:1107-2+deb9u8 For the stable distribution (buster) ...

djangocontribpostgresaggregatesStringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter ...

PoC for CVE-2022-34265 (Django)

CVE-2022-34265 Usage start docker-compose build docker-compose up -d stop docker-compose down PoC verification of Django vulnerability (CVE-2022-34265) A vulnerability (CVE-2022-34265) in Django was disclosed on July 5, 2022 (US time) This article describes our discussion of this vulnerability and th

Django SQL Injection Vulnerability Environment.

Django SQL Inject Env Django SQL Injection Vulnerability Environment CVE-2020-7471 CVE-2021-35042 CVE-2022-28346

django 漏洞：CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC

CVE-2020-7471 这个仓库提供 CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 漏洞的环境和 POC 受影响的 django 版本 111 到 11128（不含） 22 到 2210（不含） 30 到 303（不含）下载使用前需要如下操作：安装 django 漏洞版本，我测试用的是 pip install django==302 -i pypitunatsinghuaeducn/

Django StringAgg SQL Injection (CVE-2020-7471)

Django CVE-2020-7471 SQLi CVE-2020-7471: Potential SQL injection via StringAgg(delimiter) djangocontribpostgresaggregatesStringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter RUN python managepy makemigrations python managepy migrate python managepy runserver 参考 wwwdjangop

天天生鲜-django22版本简介本项目替换原项目框架django18为最新版的django225（已修复为2210），该项目包含了实际开发中的电商项目中大部分的功能开发和知识点实践，是一个非常不错的django学习项目，同时也记录在替换框架中遇到的坑，所遇到的django1x和2x的区别，希望对各位的学�

PoC for the SQL injection vulnerability in PostgreSQL with Django, found in Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3

CVE-2020-7471-PoC (Django) PoC for the SQL injection vulnerability in PostgreSQL with Django, found in Django 111 before 11128, 22 before 2210, and 30 before 303 The class djangocontribpostgresaggregatesStringAgg for using the PostgreSQL STRING_AGG function had a SQL injection vulnerability It is possible to embed an arbitrary query in the value passed to the deli

PoC for the SQL injection vulnerability in PostgreSQL with Django, found in Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3

CVE-2020-7471 Potential SQL injection via StringAgg(delimiter)

DOBBY_IS_FREE! 출제된 CTF: 2020 Christmas CTF 분야: WEB 키워드: DOBBY_IS_FREE! 난이도: ★★★☆☆ 배경 일반적으로 Web Hacker들이 mysql에 대한 SQL Injection을 주로 공부하는걸 보니 postgresql을 사용해서 Injection 문제를 만들어서 다양한 DB에 대한 공격을 경험해봤으면 하는 생각에서 만들었습니다 풀이 �

天天生鲜-django22版本帮人做的毕业设计 fork 自 githubcom/Pad0y/Django2_dailyfresh 大部分提交在码云上完成，因为网络问题没同步更新到github 修改如下：修改了大部分代码包的导入方式（原来clone下来在Pycharm下直接一大片飘红），并运行服务，调通了支付宝支付接口，删除了可能�

Reproduce CVE-2020-7471

CVE-2020-7471 SQL injection via StringAgg delimeter input Setup: Run /setupsh for initial setup Open the docker image to initiate the database: docker exec -it {container_id} /bin/bash And run the following commands: python managepy makemigrations vul_app python managepy migrate Start the instances using: docker-compose up Now open th

CWE-89 https://www.openwall.com/lists/oss-security/2020/02/03/1 https://docs.djangoproject.com/en/3.0/releases/security/https://www.djangoproject.com/weblog/2020/feb/03/security-releases/http://www.openwall.com/lists/oss-security/2020/02/03/1 https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136 https://usn.ubuntu.com/4264-1/https://seclists.org/bugtraq/2020/Feb/30 https://www.debian.org/security/2020/dsa-4629 https://security.netapp.com/advisory/ntap-20200221-0006/https://security.gentoo.org/glsa/202004-17 https://groups.google.com/forum/#%21topic/django-announce/X45S86X5bZI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581 https://usn.ubuntu.com/4264-1/https://nvd.nist.gov

Get Started

CVE-2020-7471

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect