VYPR

Go modules package

github.com/donknap/dpanel

pkg:golang/github.com/donknap/dpanel

Vulnerabilities (3)

  • CVE-2025-66292Jan 15, 2026
    affected < 1.9.2fixed 1.9.2

    DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into t

  • CVE-2025-53363MedAug 22, 2025
    affected >= 1.2.0, <= 1.7.2

    dpanel is an open source server management panel written in Go. In versions 1.2.0 through 1.7.2, dpanel allows authenticated users to read arbitrary files from the server via the /api/app/compose/get-from-uri API endpoint. The vulnerability exists in the GetFromUri function in ap

  • CVE-2025-30206CriApr 15, 2025
    affected < 1.6.1fixed 1.6.1

    Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw