20 matches found
CVE-2026-5332
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
EUVD-2026-18225
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
CVE-2026-5332
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
CVE-2026-5332 Xiaopi Panel WAF Firewall demo.php cross site scripting
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
CVE-2026-5332
A vulnerability is identified in Xiaopi Panel 1.0.0 affecting the WAF Firewall component, specifically the /demo.php file. The issue arises from manipulation of the param argument, enabling cross-site scripting. Remote exploitation is possible, and an exploit is publicly available. The vendor was...
CVE-2026-5332 Xiaopi Panel WAF Firewall demo.php cross site scripting
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
CVE-2026-5332
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
PT-2026-29739
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
Henan Xiaopi Panel 代码注入漏洞
Henan Xiaopi Panel is a Linux graphical interface developed by Henan Xiaopi in Henan, China. Version 1.0.0 of Henan Xiaopi Panel contains a code injection vulnerability. This vulnerability stems from improper handling of the parameter “param” in the file/demo.php of the component WAF Firewall,...
CVE-2026-2122
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
CVE-2026-2122
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
CVE-2026-2122
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
CVE-2026-2122
CVE-2026-2122 affects Xiaopi Panel (WAF Firewall) and its /demo.php file. The vulnerability involves manipulation of the ID argument, leading to SQL injection. Descriptions across sources indicate the flaw can be exploited remotely and that the exploit has been released publicly. Red Hat and othe...
EUVD-2026-5825
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
CVE-2026-2122 Xiaopi Panel WAF Firewall demo.php sql injection
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
CVE-2026-2122
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
CVE-2026-2122 Xiaopi Panel WAF Firewall demo.php sql injection
A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...
Henan Xiaopi Panel SQL注入漏洞
Henan Xiaopi Panel is a Linux graphical interface developed by Henan Xiaopi in Henan, China. Versions of Henan Xiaopi Panel prior to 20260126 contained an SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter ID in the component WAF Firewall’s demo.php...
PT-2026-6940
Name of the Vulnerable Software and Affected Versions Xiaopi Panel versions prior to 20260127 Description A security flaw exists in Xiaopi Panel. The issue impacts an unknown function of the file /demo.php within the WAF Firewall component. Manipulation of the ID argument can lead to SQL injectio...
XSS vulnerability in Pi's Windows web panel
Xiaopi Windows web panel is the phpStudy official website released by the server environment to build the operating panel, generally referred to as Xiaopi panel. Xiaopi Windows web panel suffers from an XSS vulnerability. An attacker can exploit the vulnerability to obtain an administrator cookie...