CVE-2021-32099

A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt