A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. Affected is an unknown function of the file addVariationController.php. The manipulation of the argument qty leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
| Link | Resource |
|---|---|
| https://code-projects.org/ | Product |
| https://vuldb.com/?ctiid.289290 | Permissions Required VDB Entry |
| https://vuldb.com/?id.289290 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.468134 | Third Party Advisory VDB Entry |
| https://code-projects.org/simple-admin-panel-in-php-with-source-code/ | Product |
Configurations
History
03 Apr 2025, 16:26
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://code-projects.org/simple-admin-panel-in-php-with-source-code/ - Product | |
| References | () https://code-projects.org/ - Product | |
| References | () https://vuldb.com/?submit.468134 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?id.289290 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?ctiid.289290 - Permissions Required, VDB Entry | |
| CWE | CWE-89 CWE-74 |
|
| CPE | cpe:2.3:a:code-projects:simple_admin_panel:1.0:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| First Time |
Code-projects simple Admin Panel
Code-projects |
26 Dec 2024, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-74 |
|
| References |
|
26 Dec 2024, 06:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-12-26 06:15
Updated : 2025-04-03 16:26
NVD link : CVE-2024-12937
Mitre link : CVE-2024-12937
JSON object : View
Products Affected
code-projects
- simple_admin_panel