Lucene search

K
PterodactylPanel

5 matches found

CVE
CVE
added 2024/05/03 6:15 p.m.77 views

CVE-2024-34067

Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access to wings instance could lead to cross site scripting (XSS) on the panel, which could be used to gain an administrator account on the panel. Specifically, the fo...

6.1CVSS6AI score0.00529EPSS
CVE
CVE
added 2021/10/06 8:15 p.m.75 views

CVE-2021-41129

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a confirmation_token input during the two-factor authentication process to reference a cache value not associated with the login attempt. In rare cases this can al...

8.1CVSS8.1AI score0.00193EPSS
CVE
CVE
added 2021/10/25 5:15 p.m.69 views

CVE-2021-41176

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. In affected versions of Pterodactyl a malicious user can trigger a user logout if a signed in user visits a malicious website that makes a request to the Panel's sign-out endpoint. This requires a targeted a...

4.3CVSS4.4AI score0.00168EPSS
CVE
CVE
added 2021/11/17 8:15 p.m.67 views

CVE-2021-41273

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. Due to improperly configured CSRF protections on two routes, a malicious user could execute a CSRF-based attack against the following endpoints: Sending a test email and Generating a node auto-deployment tok...

4.3CVSS4.7AI score0.00117EPSS
CVE
CVE
added 2019/07/29 3:15 p.m.49 views

CVE-2019-1020002

Pterodactyl before 0.7.14 with 2FA allows credential sniffing.

7.5CVSS7.5AI score0.00316EPSS