CRITICAL9.8CVE-2024-399071Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel from 0, < 1.10.12-tls
CRITICAL9.8CVE-2024-399071Panel has an SQL injection issue related to the orderBy clause in github.com/1Panel-dev/1Panel from 0
HIGH8.81Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel
from 0, < 1.4.3
HIGH8.81Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel
from 0, < 1.4.3
HIGH7.51Panel – CAPTCHA Bypass via Client-Controlled Flag in github.com/1Panel-dev/1Panel
from 0, < 2.0.14
HIGH7.51Panel – CAPTCHA Bypass via Client-Controlled Flag in github.com/1Panel-dev/1Panel
from 0, < 2.0.14+incompatible
HIGH7.51Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel
>= 1.4.3, < 1.5.0
HIGH7.51Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel
>= 1.4.3, < 1.5.0
HIGH7.51Panel O&M management panel has a background arbitrary file reading vulnerability in github.com/1Panel-dev/1Panel
>= 1.4.3, < 1.5.0
HIGH7.51Panel O&M management panel has a background arbitrary file reading vulnerability in github.com/1Panel-dev/1Panel
>= 1.4.3, < 1.5.0
HIGH7.11Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality in github.com/1Panel-dev/1Panel
>= 1.10.33, <= 2.0.15
HIGH7.11Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality in github.com/1Panel-dev/1Panel
from 0
HIGH7.11Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality in github.com/1Panel-dev/1Panel
from 0
HIGH7.11Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality in github.com/1Panel-dev/1Panel
>= 1.10.33, <= 2.0.15
MEDIUM6.51Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers in github.com/1Panel-dev/1Panel
from 0, < 2.0.14
MEDIUM6.51Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers in github.com/1Panel-dev/1Panel
from 0, < 2.0.14+incompatible
MEDIUM6.5Arbitrary file write in github.com/1Panel-dev/1Panel
from 0, < 1.10.3-lts
MEDIUM6.5Arbitrary file write in github.com/1Panel-dev/1Panel
from 0, < 1.10.3-lts
MEDIUM6.51Panel Arbitrary File Download vulnerability in github.com/1Panel-dev/1Panel
>= 1.4.3, < 1.5.0
MEDIUM6.51Panel Arbitrary File Download vulnerability in github.com/1Panel-dev/1Panel
>= 1.4.3, < 1.5.0
MEDIUM6.31Panel is vulnerable to command injection in github.com/1Panel-dev/1Panel
from 0, < 1.10.1-lts
MEDIUM6.31Panel is vulnerable to command injection in github.com/1Panel-dev/1Panel
from 0, < 1.10.1-lts
MEDIUM6.3Unauthorized Console access in github.com/1Panel-dev/1Panel
from 0, < 1.10.1-lts
MEDIUM6.3Unauthorized Console access in github.com/1Panel-dev/1Panel
from 0, < 1.10.1-lts
MEDIUM6.31Panel vulnerable to command injection when entering the container terminal in github.com/1Panel-dev/1Panel
from 0, < 1.3.6
MEDIUM6.31Panel vulnerable to command injection when entering the container terminal in github.com/1Panel-dev/1Panel
from 0, < 1.3.6
MEDIUM6.31Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel
from 0, < 1.3.6
MEDIUM6.31Panel vulnerable to command injection when adding container repositories in github.com/1Panel-dev/1Panel
from 0, < 1.3.6
MEDIUM5.91Panel's password verification is suspected to have a timing attack vulnerability in github.com/1Panel-dev/1Panel
from 0
MEDIUM5.91Panel's password verification is suspected to have a timing attack vulnerability in github.com/1Panel-dev/1Panel
from 0, < 1.10.3
MEDIUM4.31Panel contains a cross-site request forgery (CSRF) vulnerability in the panel name management functionality in github.com/1Panel-dev/1Panel
from 0
MEDIUM4.31Panel contains a cross-site request forgery (CSRF) vulnerability in the panel name management functionality in github.com/1Panel-dev/1Panel
>= 1.10.33, <= 2.0.15
LOW3.51Panel set-cookie is missing the Secure keyword in github.com/1Panel-dev/1Panel
from 0, < 1.9.6
LOW3.51Panel set-cookie is missing the Secure keyword in github.com/1Panel-dev/1Panel
from 0, < 1.9.6
—1Panel SQL injection in github.com/1Panel-dev/1Panel
from 0, < 1.10.12-lts