Lucene search
K

7 matches found

OSV
OSV
added 2024/08/20 8:31 p.m.14 views

GO-2023-1887 1Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel

1Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel...

8.8CVSS7.5AI score0.02313EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.8 views

The vulnerability of the 1Panel Linux server’s control panel, related to the failure to eliminate special elements used in the operating system commands, allows a hacker to execute arbitrary commands.

The vulnerability of the 1Panel Linux server’s control panel is related to the lack of measures taken to neutralize special elements used in the operating system when adding container repositories. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS8AI score0.02313EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/07/05 9:38 p.m.48 views

GHSA-Q2MX-GPJF-3H8X 1Panel vulnerable to command injection when adding container repositories

Impact The authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. 1. Vulnerability analysis. backend\app\api\v1\imagerepo.gocreate backend\app\service\imagerepo.goCheckConn 2. vulnerability reproduction. POST /api/v1/containers/repo...

6.3CVSS7.5AI score0.02313EPSS
Exploits1References4
NVD
NVD
added 2023/07/05 9:15 p.m.26 views

CVE-2023-36457

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6...

8.8CVSS7.1AI score0.02313EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
added 2023/07/05 12:0 a.m.32 views

Improper Neutralization of Special Elements used in a Command ('Command Injection')

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6...

8.8CVSS7.3AI score0.02313EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/21 12:0 a.m.2 views

PT-2023-3543 · 1Panel · 1Panel

Name of the Vulnerable Software and Affected Versions: 1Panel versions prior to 1.3.6 Description: The issue is related to command injection when adding container repositories. An authenticated attacker can craft a malicious payload to achieve this. The vulnerability is due to the lack of proper...

9CVSS8.2AI score0.02313EPSS
Exploits1References10
CNNVD
CNNVD
added 2021/03/17 12:0 a.m.6 views

RED HAT Quay web application 代码问题漏洞

RED HAT Quay web application is an application from the United States RED HAT. It provides a container image registry that allows you to build, organize, distribute, and deploy containers. A code issue vulnerability exists in the Quay web application, which stems from the fact that sessions never...

4.4CVSS6AI score0.00295EPSS
Exploits0References2
Rows per page
Query Builder