{"uuid": "38de401a-97f0-4c5c-b019-9337874aaf9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-2198", "type": "exploited", "source": "https://t.me/thebugbountyhunter/3689", "content": "Exploiting SQL Injection in Android's Download Provider (CVE-2019-2198)\n\nBlind SQL injection in Android's Download Provider will retrieve user cookies of downloaded file website (e.g. Gmail).\nPatched in November's 2019 Android Security Bulletin.\nPoC + info:https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiWhere/", "creation_timestamp": "2020-01-20T09:43:49.000000Z"}