cve/CVE-2021-32099.md at 7909e50b64548be2689e5ad0bc37714dc0608a96

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.

POC

Reference

https://portswigger.net/daily-swig/multiple-vulnerabilities-in-pandora-fms-could-trigger-remote-execution-attack

Github

https://github.com/20142995/Goby
https://github.com/ARPSyndicate/cvemon
https://github.com/HimmelAward/Goby_POC
https://github.com/NaInSec/CVE-PoC-in-GitHub
https://github.com/SYRTI/POC_to_review
https://github.com/WhooAmii/POC_to_review
https://github.com/Z0fhack/Goby_POC
https://github.com/akr3ch/CVE-2021-32099
https://github.com/ibnuuby/CVE-2021-32099
https://github.com/l3eol3eo/CVE-2021-32099_SQLi
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/shyam0904a/Pandora_v7.0NG.742_exploit_unauthenticated
https://github.com/soosmile/POC
https://github.com/trhacknon/Pocingit
https://github.com/zecool/cve
https://github.com/zjicmDarkWing/CVE-2021-32099

1.4 KiB Raw Blame History

CVE-2021-32099

Description

POC

Reference

Github

1.4 KiB

Raw Blame History