Vulnerabilities > Zerof > WEB Server

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2022-25322 SQL Injection vulnerability in Zerof web Server 2.0
ZEROF Web Server 2.0 allows /HandleEvent SQL Injection.
network
low complexity
zerof CWE-89
critical
 9.8
9.8
2022-02-18 CVE-2022-25323 Cross-site Scripting vulnerability in Zerof web Server 2.0
ZEROF Web Server 2.0 allows /admin.back XSS.
network
low complexity
zerof CWE-79
6.1
6.1
2021-04-13 CVE-2021-30175 SQL Injection vulnerability in Zerof web Server 1.0
ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login page.
network
low complexity
zerof CWE-89
critical
 9.8
9.8