Share
## https://sploitus.com/exploit?id=C2E5549E-FB1F-5D4E-9645-AD09F335283D
# CVE-2025-57833
Example Vulnerable application for [CVE-2025โ€“57833](https://nvd.nist.gov/vuln/detail/CVE-2025-57833)

Django 4.2 before 4.2.24 Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6 is vulnerable to a SQL injection 
via Dictionary expansion as **kwargs is passed to QuerySet.annotate() or QuerySet.alias()

Currently a work in progress. 

This is for educational purposes only.