| 제목 | Xiaopi Web Application Firewall V1.0.0 Bypass |
|---|
| 설명 | The vulnerability exists in the official WAF firewall of Xiaopi Panel, where inadequate filtering of user input by WAF rules allows attackers to execute malicious code through carefully crafted injection statements. Although WAF protection is in place, attackers can still bypass restrictions using specific formats and encoding techniques to achieve injection attacks. |
|---|
| 원천 | ⚠️ https://github.com/ltranquility/vuln_submit/issues/1 |
|---|
| 사용자 | Customer (UID 83474) |
|---|
| 제출 | 2026. 03. 16. PM 02:19 (20 날 ago) |
|---|
| 모더레이션 | 2026. 04. 01. PM 03:58 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 354666 [Xiaopi Panel 1.0.0 WAF Firewall /demo.php param 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 18 |
|---|