SQL Injection Vulnerability in Simple Admin Panel by Code-Projects
CVE-2024-12934
5.3MEDIUM
What is CVE-2024-12934?
A significant vulnerability has been identified in version 1.0 of the Simple Admin Panel, developed by Code-Projects. The issue resides in the handling of input arguments within the updateItemController.php file, specifically the 'p_desk' parameter. An attacker could exploit this vulnerability via SQL injection, allowing unauthorized manipulation of the database. This flaw can be triggered remotely, thus broadening the attack vector. Given that the exploit details have been publicly disclosed, it is imperative for users of the affected product to apply necessary security measures to mitigate potential risks.
Affected Version(s)
Simple Admin Panel 1.0