2 matches found
Exploit for SQL Injection in Artica Pandora_Fms
CVE-2021-32099 CVE-2021-32099 POC : http://localhost:8000/pan...
CVE-2021-32099
CVE-2021-32099 concerns Artica Pandora FMS 742, specifically the pandora_console component. A SQL injection in the /include/chart_generator.php endpoint via the session_id parameter enables an unauthenticated attacker to upgrade an unprivileged session, resulting in a login bypass. Multiple sourc...