IOActive/AOSP-DownloadProviderDbDumperSQLiWhere

PoC Exploiting SQL Injection in Android's Download Provider in Selection Parameter (CVE-2019-2198)

AOSP-DownloadProviderDbDumperSQLiWhere

PoC Exploiting SQL Injection in Android's Download Provider in Selection Parameter (CVE-2019-2198)

Security Advisory

Android (AOSP) Download Provider SQL Injection in Query Selection Parameter (CVE-2019-2198)

Demo