CVE-2021-32099 SQL Injection allow attacker bypass login. From HTB with love
CVE-2021-32099 SQLi Bypass login Useful when trying to read User Flag on Pandorahtb CVE-2021-32099 SQLi allow attacker bypass login Target Exploit on: Pandora FMS v70NG742_FIX_PERL2020 Analysis Read from cvedetail We know endpoint of target: localhost:8000/pandora_console/include/chart_generatorphp?session_id=PayloadHere => Access denied sqlmap -r reqtxt