{"uuid": "d2a5e668-b27a-4199-94f0-ee2a69e7f95c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28346", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5909", "content": "#exploit\n1. CVE-2022-28346:\nDjango QuerySet.annotate(), aggregate(), extra() SQL\nhttps://github.com/DeEpinGh0st/CVE-2022-28346\n\n2. CVE-2022-28508:\nMantisBT 2.25.2 - XSS\nhttps://github.com/YavuzSahbaz/CVE-2022-28508/blob/main/MantisBT%202.25.2%20XSS%20vulnurability\n\n3. Bypassing LDAP Channel Binding with StartTLS\nhttps://offsec.almond.consulting/bypassing-ldap-channel-binding-with-starttls.html", "creation_timestamp": "2022-04-30T17:55:24.000000Z"}