1Panel-dev

CVE-2023-39966 | 1Panel

August 10, 2023August 11, 2023

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control… Read More »CVE-2023-39966 | 1Panel

CVE-2023-39965 | 1Panel

August 10, 2023August 11, 2023

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface.… Read More »CVE-2023-39965 | 1Panel

CVE-2023-39964 | 1Panel

August 10, 2023August 11, 2023

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important… Read More »CVE-2023-39964 | 1Panel

CVE-2023-37917 | KubePi

July 21, 2023July 22, 2023

KubePi is an opensource kubernetes management panel. A normal user has permission to create/update users, they can become admin by editing the `isadmin` value in… Read More »CVE-2023-37917 | KubePi

CVE-2023-37916 | KubePi

July 21, 2023July 22, 2023

KubePi is an opensource kubernetes management panel. The endpoint /kubepi/api/v1/users/search?pageNum=1&&pageSize=10 leak password hash of any user (including admin). A sufficiently motivated attacker may be able… Read More »CVE-2023-37916 | KubePi

CVE-2023-37477 | 1Panel

July 18, 2023July 19, 2023

1Panel is an open source Linux server operation and maintenance management panel. An OS command injection vulnerability exists in 1Panel firewall functionality. A specially-crafted HTTP… Read More »CVE-2023-37477 | 1Panel