CVE-2024-53584

Critical CVSS: 9.8

OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.

Vendor

Product

CWE

Yayın Tarihi

2025-01-31 17:15:15

Güncelleme

2025-05-23 15:57:32

Source Identifier

cve@mitre.org

KEV Date Added

CWE-78 Openpanel CRITICAL Openpanel 2025

https://openpanel.com/docs/changelog/0.3.5/#%EF%B8%8F-security-fixes https://packetstorm.news/files/id/188915/

High

CVE-2025-25871

An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix Permissions function

Medium

CVE-2025-25872

An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix Permissions function

Medium

CVE-2025-25873

Cross Site Request Forgery vulnerability in Open Panel OpenAdmin v.0.3.4 allows a remote attacker to escalate privileges…

High

CVE-2024-53582

An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to exec…

Critical

CVE-2024-53537

An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager…