4 matches found
ZEROF Web Server 1.0 - SQL Injection
ZEROF Web Server 1.0 April 2021 allows SQL Injection via the /HandleEvent endpoint for the login page. id: CVE-2021-30175 info: name: ZEROF Web Server 1.0 - SQL Injection author: edoardottt severity: critical description: | ZEROF Web Server 1.0 April 2021 allows SQL Injection via the /HandleEvent...
CVE-2021-30175
ZEROF Web Server 1.0 April 2021 allows SQL Injection via the /HandleEvent endpoint for the login page...
CVE-2021-30175
creationtimestamp| type| source ---|---|--- 2021-09-21 06:42:48+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/153 2023-04-27 17:01:53+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-30175.yaml...
CVE-2021-30175
The vulnerability CVE-2021-30175 affects ZEROF Web Server 1.0 (April 2021), where an SQL Injection is possible via the /HandleEvent endpoint on the login page. The Nuclei template and CIRCL/nvd entries confirm that this is an injection in the login handling path (CWE-89) with potential for arbitr...