Lucene search
K

4 matches found

OSV
OSV
added 2025/12/10 9:31 p.m.7 views

GHSA-WRVC-X3WF-J5F5 1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

7.1CVSS6.9AI score0.0015EPSS
Exploits0References5
OSV
OSV
added 2025/12/10 6:23 p.m.6 views

CVE-2025-34429 1Panel CSRF Web Port Configuration Change

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

7CVSS7.1AI score0.0015EPSS
Exploits0References6
OSV
OSV
added 2025/12/10 6:23 p.m.3 views

CVE-2025-34430 1Panel CSRF Panel Name Modification

1Panel versions 1.10.33 through 2.0.15 contain a cross-site request forgery CSRF vulnerability in the panel name management functionality. The affected endpoint does not implement CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that...

5.1CVSS7.3AI score0.00179EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.3 views

PT-2025-50369

Name of the Vulnerable Software and Affected Versions 1Panel versions 1.10.33 through 2.0.15 Description 1Panel is affected by a cross-site request forgery CSRF issue in the panel name management functionality. The affected functionality lacks CSRF protections, such as anti-CSRF tokens or...

5.1CVSS6.6AI score0.00179EPSS
Exploits0References6
Rows per page
Query Builder