Lucene search
K

100 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:41 a.m.7 views

CVE-2023-39965

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface. This code has unauthorized access. Attackers can freely download the file content on the target system. This may caus...

6.5CVSS6.7AI score0.00382EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.10 views

CVE-2023-39966

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control of the server. In the api/v1/file.go file, there is a function called SaveContentthat,It recieves JSON data sent by users in the...

9.8CVSS7AI score0.00698EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.9 views

CVE-2023-39964

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the api/v1/file.go file, there is a function called LoadFromFile, which directly reads the...

7.5CVSS6.8AI score0.0082EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.9 views

CVE-2023-36458

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payloads to achieve command injection when entering the container terminal. The vulnerability has been fixed in v1.3.6...

8.8CVSS7AI score0.01989EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.10 views

CVE-2023-36457

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6...

8.8CVSS7AI score0.01989EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/13 10:11 p.m.18 views

CVE-2025-4546

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

8.8CVSS7.7AI score0.00532EPSS
Exploits1References1
NVD
NVD
added 2025/05/11 8:15 p.m.21 views

CVE-2025-4546

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

8.8CVSS0.00532EPSS
Exploits1References4
OSV
OSV
added 2025/05/11 8:15 p.m.4 views

CVE-2025-4546

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

8.8CVSS5AI score
Exploits0References4
Cvelist
Cvelist
added 2025/05/11 8:0 p.m.30 views

CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

5.8CVSS0.00532EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/11 8:0 p.m.5 views

CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection

A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...

5.8CVSS5.2AI score0.00532EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/04 11:31 p.m.14 views

CVE-2024-39911

1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...

10CVSS7.1AI score0.04566EPSS
Exploits2References1
OSV
OSV
added 2024/08/21 2:17 p.m.15 views

GO-2023-2004 1Panel O&M management panel has a background arbitrary file reading vulnerability in github.com/1Panel-dev/1Panel

1Panel O&M management panel has a background arbitrary file reading vulnerability in github.com/1Panel-dev/1Panel...

7.5CVSS7.4AI score0.0082EPSS
Exploits1References3
OSV
OSV
added 2024/08/21 2:17 p.m.20 views

GO-2023-2006 1Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel

1Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel...

9.8CVSS8.6AI score0.00698EPSS
Exploits1References3
OSV
OSV
added 2024/08/20 8:31 p.m.58 views

GO-2023-1940 1Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel

1Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel...

8.8CVSS7.9AI score0.05354EPSS
Exploits1References4
OSV
OSV
added 2024/08/20 8:31 p.m.14 views

GO-2023-1887 1Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel

1Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel...

8.8CVSS7.5AI score0.01989EPSS
Exploits1References3
CNVD
CNVD
added 2024/07/24 12:0 a.m.13 views

1Panel SQL Injection Vulnerability

1Panel is a product of Hangzhou Feizhiyun Information Technology Co., Ltd. and is a modern, open source Linux server operation and maintenance management panel. 1Panel exists SQL injection vulnerability, the vulnerability is due to the existence of 1Panel multiple improper filtering, an attacker...

9.8CVSS7.1AI score0.29396EPSS
Exploits1References1
OSV
OSV
added 2024/07/22 6:24 p.m.24 views

GO-2024-2990 1Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel

1Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabili...

9.8CVSS9.7AI score0.29396EPSS
Exploits1References3
NVD
NVD
added 2024/07/18 4:15 p.m.24 views

CVE-2024-39911

1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...

10CVSS0.04566EPSS
Exploits2References2
CVE
CVE
added 2024/07/18 3:35 p.m.56 views

CVE-2024-39911

CVE-2024-39911 affects 1Panel, a web-based Linux server management control panel. The issue is an unspecified SQL injection via User-Agent handling that can impact confidentiality, integrity, and availability. Red Hat and other sources corroborate the same description and note the fix in version ...

10CVSS9.7AI score0.04566EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/18 3:35 p.m.30 views

CVE-2024-39911 1Panel SQL injection

1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...

10CVSS7.2AI score0.04566EPSS
Exploits2References2
Rows per page
Query Builder