Skip to main content

Pandora

$ tldr SNMP + SQLi session → PandoraFMS RCE → PATH hijacking

CVE / Bulletins: CVE-2019-20224 ↗

Writeups

Skill resources

Curated documentation for each technique listed in the Skills column above. Sources: HackTricks, GTFOBins, PortSwigger, etc. Local File Inclusion (LFI) · Remote File Inclusion (RFI) · Shellshock (CVE-2014-6271) · Cross-Site Scripting (XSS)

If you liked this machine, try


Comments & tips

Did the official writeup not work? Found a smarter trick? Share it here — comments live in GitHub Discussions.
Last updated: 2026-06-07