12 matches found
EUVD-2024-52000
Malicious code in bioql PyPI...
CVE-2024-53582
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request...
CVE-2024-53537
An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager...
OpenPanel 0.3.4 - Incorrect Access Control
Exploit Title: OpenPanel 0.3.4 - Incorrect Access Control Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2024-53582 GET /files/../...
OpenPanel 0.3.4 Directory Traversal / Arbitrary File Read
OpenPanel version 0.3.4 suffers from a directory traversal vulnerability in the fix permission functionality. This can be leveraged to change permissions on files unaccessible to userland and make them accessible to attackers. Exploit Title: OpenPanel 0.3.4 - Insecure Permission Modification via...
OpenPanel 0.3.4 Remote Code Execution
OpenPanel version 0.3.4 suffers from a remote code execution vulnerability via /fix-permissions. Exploit Title: OpenPanel 0.3.4 - Remote Code Execution via Fix Permission Date: Nov 7, 2024 Exploit Author: Punthat Siriwan, Korn Chaisuwan, Pongtorn Angsuchotmetee Vendor Homepage:...
CVE-2024-53582
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request...
CVE-2024-53537
An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager...
CVE-2024-53582
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request...
CVE-2024-53584
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter...
PT-2025-2971 · Openpanel · Openpanel
Name of the Vulnerable Software and Affected Versions: OpenPanel version 0.3.4 Description: A command injection vulnerability was discovered in OpenPanel, allowing an attacker to inject system commands via the timezone parameter. This issue can potentially be exploited to execute arbitrary system...
OpenPanel 0.3.4 Directory Traversal Vulnerability
Exploit Title: OpenPanel 0.3.4 - Directory Traversal in Copy Function of File Manager Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2024-53582 POST...