CVE-2026-5332

A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...

CVE-2026-5332

A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...

CVE-2026-5332

A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...

Henan Xiaopi Panel 代码注入漏洞

Henan Xiaopi Panel is a Linux graphical interface developed by Henan Xiaopi in Henan, China. Version 1.0.0 of Henan Xiaopi Panel contains a code injection vulnerability. This vulnerability stems from improper handling of the parameter “param” in the file/demo.php of the component WAF Firewall,...

CVE-2026-2122

A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...

CVE-2026-2122

A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...

Henan Xiaopi Panel SQL注入漏洞

Henan Xiaopi Panel is a Linux graphical interface developed by Henan Xiaopi in Henan, China. Versions of Henan Xiaopi Panel prior to 20260126 contained an SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter ID in the component WAF Firewall’s demo.php...

Code-Projects Simple Online Hotel Reservation System 安全漏洞

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Start in the file /reservation/demo.php. The...

CVE-2023-46505

Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker to execute arbitrary code via the content1 parameter in the demo.php file...

FanCMS Cross-Site Scripting Vulnerability

FanCMS is a content management system for PwnCYN individual developers. A security vulnerability exists in FanCMS version v.1.0.0. The vulnerability can be exploited to execute arbitrary code via the content1 parameter in the demo.php file...

PT-2023-30064 · Fancms · Fancms

Name of the Vulnerable Software and Affected Versions: FanCMS version 1.0.0 Description: A Cross Site Scripting issue allows an attacker to execute arbitrary code via the content1 parameter in the "demo.php" file. Recommendations: For FanCMS version 1.0.0, avoid using the content1 parameter in th...

PT-2018-15401 · S Cms · S-Cms

Name of the Vulnerable Software and Affected Versions: S-CMS version 3.0 Description: An issue in S-CMS allows cross-site scripting XSS attacks via the T id parameter in the "admin/demo.php" API endpoint. Recommendations: For S-CMS version 3.0, avoid using the T id parameter in the "admin/demo.ph...