PT-2026-26105

CVE-2026-29858 A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure. https://t.co/WowAOqIOTR...

SUSE CVE-2025-66507

1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper validation, CAPTCHA...

CVE-2025-66508 1Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers

1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.14 and below use Gin's default configuration which trusts all IP addresses as proxies TrustedProxies = 0.0.0.0/0, allowing any client to spoof the X-Forwarded-For header. Since all IP-based access controls...

CVE-2025-10433 1Panel-dev MaxKB debug deserialization

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...

The vulnerability of the software for programming operator panels of the VT series, such as VT-Designer, arises from writing beyond buffer boundaries, allowing a hacker to execute arbitrary code.

The vulnerability of the software for programming operator panels of the VT series, such as VT-Designer, lies in the writing beyond buffer boundaries when processing PM3 files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2024-0242 Unauthorized access to settings in Qolsys IQ Panel 4 and IQ4 Hub

Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings...

PT-2024-19518 · Seo Panel · Seo Panel

Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.10.0 Description: A Cross-Site Request Forgery CSRF issue allows remote attackers to perform unauthorized user password resets. Recommendations: For SEO Panel version 4.10.0, update to a version that fixes this issue to...

The vulnerability of Weintek’s cMT3000 HMI Web CGI panel’s microprogramming software arises from buffer overflow in the stack. This allows a malicious actor to execute arbitrary code.

The vulnerability of Weintek’s cMT3000 HMI Web CGI panel software lies in buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the FvDesigner software for creating operator panels, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to execute arbitrary code on the target system.

The vulnerability of the FvDesigner software for creating operator panels is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...

The vulnerability of the DOPSoft software, designed for programming operator panels by Delta Electronics, arises from a buffer overflow in the dynamic memory. This allows an attacker to execute arbitrary code.

The vulnerability of the DOPSoft software, designed for programming operator panels by Delta Electronics, is due to a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

SEO Panel 跨站脚本漏洞

SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. An attacker can exploit this vulnerability to inject JavaScript via the reporttype parameter in archive.php...

Delta Electronics TPEditor Buffer Error Vulnerability

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics TPEditor v1.98 and prior that could allow an attacker to execute code with the privileges of the application...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-47576)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted project fil...

ABB CP400 Panel Builder TextEditor 2.0

1. EXECUTIVE SUMMARY CVSS v7.0 Vendor: ABB Equipment: CP400 Panel Builder TextEditor 2.0 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, and cause a denial-of-service condition within the...

The software of Mitsubishi Electric’s E1000 E-Designer panel programming system is vulnerable due to buffer overflows in memory. This allows attackers to execute arbitrary code under the authority of the administrator or cause a service failure.

The vulnerability of Mitsubishi Electric’s E1000 E-Designer panel programming software lies in buffer overflows that occur during the processing of configuration files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on behalf of the administrator or trigger a...

SEO Panel SQL Injection Vulnerability

Seo Panel is a set of control panels for managing your website's search engine optimization, which provides features such as website rankings, Google, Baidu and other search engine indexing, Sitemaps auto-generator and keyword positioning check. A SQL injection vulnerability exists in versions of...

WESPA Calendário v1.1 Sql Injection Vulnerability

WESPA Calendrio v1.1 Sql Injection Vulnerability - Discovered by : AleminKrali - My Site : al3m.blogspot.com - Script Download : http://www.scriptbrasil.com.br/download/codigo/6502/ - Admin Panel : /scriptpath/useradmin.php - Exploit :...