GO-2025-4231 1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality in github.com/1Panel-dev/1Panel

1Panel contains a cross-site request forgery CSRF vulnerability in the web port configuration functionality in github.com/1Panel-dev/1Panel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...

CVE-2025-56413

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint...

Exploit for Command Injection in Fit2Cloud 1Panel

https://github.com/hophtien/CVE-2025-54424/releaseshttps://gi...

The vulnerability of the 1Panel Linux server control panel, related to information disclosure due to inconsistencies, allows attackers to expose protected information.

The vulnerability of the 1Panel Linux server control panel is related to the exposure of information through mismatches. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

1Panel Security Vulnerability

1Panel is an open source Linux server operations and management panel for the Chinese 1panel community. A security vulnerability exists in versions prior to 1Panel 1.10.1-lts, which stems from the fact that users can use Burp to gain unauthorized access to console pages...

1Panel Security Vulnerability

1Panel is an open source Linux server O&M panel for the Chinese 1panel community. A security vulnerability exists in 1Panel version 1.4.3. An attacker can exploit the vulnerability to download arbitrary files through the API interface...