A vulnerability classified as critical was found in code-projects Simple Admin Panel 1.0. This vulnerability affects unknown code of the file editItemForm.php. The manipulation of the argument record leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
| Link | Resource |
|---|---|
| https://code-projects.org/ | Product |
| https://code-projects.org/simple-admin-panel-in-php-with-source-code/ | Product |
| https://vuldb.com/?ctiid.289288 | Permissions Required VDB Entry |
| https://vuldb.com/?id.289288 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.468129 | Third Party Advisory VDB Entry |
Configurations
History
17 Apr 2025, 02:03
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://code-projects.org/simple-admin-panel-in-php-with-source-code/ - Product | |
| References | () https://vuldb.com/?submit.468129 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?id.289288 - Third Party Advisory, VDB Entry | |
| References | () https://code-projects.org/ - Product | |
| References | () https://vuldb.com/?ctiid.289288 - Permissions Required, VDB Entry | |
| First Time |
Code-projects simple Admin Panel
Code-projects |
|
| CWE | CWE-89 | |
| CPE | cpe:2.3:a:code-projects:simple_admin_panel:1.0:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
26 Dec 2024, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-74 |
|
| References |
|
26 Dec 2024, 05:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-12-26 05:15
Updated : 2025-04-17 02:03
NVD link : CVE-2024-12935
Mitre link : CVE-2024-12935
JSON object : View
Products Affected
code-projects
- simple_admin_panel
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')