1panel Security Vulnerabilities and Issues — 1panel CVE List

Lucene search

Fit2cloud1panel

3 matches found

CVE•added 2023/08/10 6:15 p.m.•2524 views

CVE-2023-39964

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the api/v1/file.go file, there is a function called LoadFromFile, which directly reads the fil...

7.5CVSS7.3AI score0.00236EPSS

CVE•added 2024/02/05 3:15 p.m.•131 views

CVE-2024-24768

1Panel is an open source Linux server operation and maintenance management panel. The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text if accessed using HTTP. This issue has been patched in version 1.9.6.

7.5CVSS7.3AI score0.00048EPSS

CVE•added 2024/05/14 3:38 p.m.•66 views

CVE-2024-34352

1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol &...

7.5CVSS6.8AI score0.0244EPSS