EUVD-2025-199164

Malicious code in easypanel-sdk npm...

MAL-2025-191085 Malicious code in easypanel-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ac9db35167e3722d383a2c76a094d96d19c1097508758bccde5c8a5445550bd The package easypanel-sdk was found to contain malicious code. Source: ghsa-malware fdce617dc7f1837495fa0e90e3ac7d214b335c36893c9f97d749e28949d361d3...

Malicious code in easypanel-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ac9db35167e3722d383a2c76a094d96d19c1097508758bccde5c8a5445550bd The package easypanel-sdk was found to contain malicious code. Source: ghsa-malware fdce617dc7f1837495fa0e90e3ac7d214b335c36893c9f97d749e28949d361d3...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Kangle虚拟主机本地文件包含漏洞

测试环境：kangle-3.3.9.msi，ep-2.6.4.exe（官方4-18日更新），windows XP 首先安装kangle server，然后安装easypanel，安装成功后访问http://127.0.0.1:3312/，会自动跳转到http://127.0.0.1:3312/vhost/?c=session&a=loginForm。 然后随便输入用户名密码登陆，如图发送的请求： 然后修改请求url中的参数c的值，将session改为： C=../../../../../../../../../../../windows/system.ini%00...

easypanel 2.6.4 /vhost/index.php 本地文件包含漏洞

No description provided by source...