根据提供的图片内容和OCR文字识别,以下是从该图片中可以提取到的关于漏洞的关键信息,使用简洁的Markdown格式返回: Title: Xiaopi Web Application Firewall V1.0.0 Bypass Description: - Inadequate filtering of user input in the official WAF firewall of Xiaopi Panel leads to a vulnerability. - Attackers can execute malicious code through injection statements. - Despite WAF protection, attackers can bypass restrictions using specific formats and encoding techniques. Source: https://github.com/lftranquility/CVE/issues/37 Submitter: Customer (UID 83474) Submission Date: 01/26/2026 04:21 PM (12 days ago) Moderation Date: 02/06/2026 03:51 PM (11 days later) Status: Accepted VulDB Entry: 234095 Points: 18 Affected Product: Xiaopi Panel up to 20260126 WAF Firewall/demo.php ID SQL injection