11 matches found
EUVD-2025-14976
Malicious code in bioql PyPI...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
GO-2023-1940 1Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel
1Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel...
GO-2024-2990 1Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel
1Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabili...
GO-2024-2636 1Panel is vulnerable to command injection in github.com/1Panel-dev/1Panel
1Panel is vulnerable to command injection in github.com/1Panel-dev/1Panel...
GO-2024-2830 Arbitrary file write in github.com/1Panel-dev/1Panel
A maliciously crafted packet can write to an arbitrary file...
Arbitrary File Reads
github.com/1panel-dev/1panel is vulnerable to Arbitrary File Reads. The vulnerability exists in LoadFromFile at file.go due to not restricting the request parameters which allows an attacker to directly read arbitrary files on the system...