Lucene search
Veracode Vulnerability DatabaseVERACODE:48168HistoryJul 22, 2024 - 5:22 p.m.
SQL Injection
2024-07-2217:22:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
sql injection
panel vulnerability
arbitrary file writes
remote code executions
insufficient input filtering
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.3
Confidence
Low
EPSS
0.006
Percentile
79.5%
1Panel is vulnerable to SQL Injection. The vulnerability is due to insufficient filtering of inputs, leading to arbitrary file writes and remote code executions (RCEs).
Related
osv
osv
vulnrichment
vulnrichment
CVE-2024-39907 a sqlinjection in 1Panel
2024-07-18 15:31:30
gitlab
gitlab
1Panel has an SQL injection issue related to the orderBy clause
2024-07-18 00:00:00
nuclei
nuclei
1Panel SQL Injection - Authenticated
2024-07-30 09:14:30
cve
cve
CVE-2024-39907
2024-07-18 16:15:07
cvelist
cvelist
CVE-2024-39907 a sqlinjection in 1Panel
2024-07-18 15:31:30
nvd
nvd
CVE-2024-39907
2024-07-18 16:15:07
github
github
1Panel has an SQL injection issue related to the orderBy clause
2024-07-18 14:25:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.3
Confidence
Low
EPSS
0.006
Percentile
79.5%
Related for VERACODE:48168