search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
33.87k stars 13.92k forks source link

Grafana SQL Injection "feature" #19167

Open h00die opened 4 months ago

h00die commented 4 months ago

Summary

SQL Injection in Grafana, as a "feature", so likely won't get patched

Basic example

https://fdlucifer.github.io/2024/04/22/grafana-sql-injection/ looks thorough enough to create a module with

Motivation

Grafana is pretty popular

HamidouTlili commented 4 months ago

i want to work on this as a cyber security project , any further instructions or informations except for this https://fdlucifer.github.io/2024/04/22/grafana-sql-injection/