Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2025-24799 PoC — GLPI allows unauthenticated SQL injection through the inventory endpoint

Source
https://github.com/Rosemary1337/CVE-2025-24799
Associated Vulnerability
Title:GLPI allows unauthenticated SQL injection through the inventory endpoint (CVE-2025-24799)
Description:GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18.
Description
CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection
Readme
# CVE-2025-24799 Auto Exploit

![Python](https://img.shields.io/badge/Python-3.11-blue)
![Status](https://img.shields.io/badge/Status-POC-orange)
![Author](https://img.shields.io/badge/Author-Rosemary1337-red)

---

## ⚡ Overview

**CVE-2025-24799** is a proof-of-concept (PoC) exploit targeting **GLPI**.  
This exploit demonstrates **unauthenticated SQL Injection (time-based blind)** to extract user credentials.

> **Disclaimer:** This PoC is for educational purposes only. Do **not** use on systems without permission.

---

## 🛠 Features

- Detects `glpi_users` table and required columns (`name` and `password`)  
- Extracts usernames and passwords sequentially  
- Time-based blind SQL injection for unauthenticated exploitation  
- Colorful console output with status, success, failure, and info messages  
- Works on Python 3.x with minimal dependencies  

---

## ⚙️ Installation

1. Clone the repository:
```bash
git clone https://github.com/Rosemary1337/CVE-2025-24799.git
cd CVE-2025-24799
````

2. Install dependencies:

```bash
pip install -r requirements.txt
```

> Requirements: `requests`, `colorama`, `beautifulsoup4`

---

## 🚀 Usage

```bash
python3 main.py -u <TARGET_URL>
```

### Example:

```bash
python3 main.py -u http://target.com/index.php/ajax
```

### Arguments

| Flag        | Description | Required | Default |
| ----------- | ----------- | -------- | ------- |
| `-u, --url` | Target URL  | Yes      | -       |

---

## 🎨 Output

The console shows:

* Status messages `[•]`
* Success `[✔]`
* Fail `[✖]`
* Info `[i]`

Example:

```
[•] Exploiting CVE-2025-24799...
[✔] Table 'glpi_users' found.
[✔] Required columns verified.
[i] Starting credential extraction...

[+] Credential 1: admin:5f4dcc3b5aa765d61d8327deb882cf99
[+] Credential 2: user:123456
[*] Extraction complete.
```

---

## 🔐 Security & Disclaimer

* For **educational & testing purposes only**.
* Do **not** attack websites without explicit permission.
* Use in a controlled lab or authorized penetration test only.

---

## 🔗 Connect with Me

I'm an active developer who enjoys building tools and sharing knowledge. You can reach me through:
<p align="left"> <a href="https://github.com/Rosemary1337" target="_blank"> <img src="https://img.shields.io/badge/GitHub-181717?style=for-the-badge&logo=github&logoColor=white"/> </a> <a href="https://t.me/stupidp3rson" target="_blank"> <img src="https://img.shields.io/badge/Telegram-26A5E4?style=for-the-badge&logo=telegram&logoColor=white"/> </a> <a href="https://www.tiktok.com/@justan0therloser" target="_blank"> <img src="https://img.shields.io/badge/TikTok-000000?style=for-the-badge&logo=tiktok&logoColor=white"/> </a> <a href="mailto:rayhanmahardika576@gmail.com" target="_blank"> <img src="https://img.shields.io/badge/Email-8A2BE2?style=for-the-badge&logo=minutemailer&logoColor=white"/> </a> </p>
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →