| Titolo | 1panel 1panel v1.10.1-lts Command injection |
|---|
| Descrizione | Check the CheckIllegal code to directly judge the key characters.
This waf that prevent command injection are at risk of being bypassed.
According to github pr description. |
|---|
| Fonte | ⚠️ https://github.com/1Panel-dev/1Panel/pull/4131 |
|---|
| Utente | linyz-tel (UID 44909) |
|---|
| Sottomissione | 09/03/2024 04:13 (2 anni fa) |
|---|
| Moderazione | 09/03/2024 07:59 (4 hours later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 256304 [1Panel fino a 1.10.1-lts swap baseApi.UpdateDeviceSwap Path escalationi di privilegi] |
|---|
| Punti | 15 |
|---|