Title:ZEROF Web Server SQL注入漏洞 (CVE-2021-30175) Description:ZEROF Web Server是开源的一个简化现代Web开发的Web框架。它使您可以构建应用程序而不必担心程序包管理或路由。 ZEROF Web Server 1.0版本存在SQL注入漏洞,该漏洞源于程序允许通过登录页面的HandleEvent端点进行SQL注入。
Description
ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login page.
File Snapshot
id: CVE-2021-30175
info:
name: ZEROF Web Server 1.0 - SQL Injection
author: edoardottt
severi
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.