SQL injection in QuerySet.annotate(), aggregate(), and extra()
Run ./setup.sh for initial setup
Open the docker image to initiate the database:
docker exec -it {container_id} /bin/bash
And run the following commands:
python manage.py makemigrations cve202228346
python manage.py migrate
Start the instances using:
docker-compose up
Now open the following URL to load sample data:
http://localhost:8000/load_example_data
Then go to the vulnerable page at: http://localhost:8000/users/
Exploit the parameter at: todo