Elite · Elite Cms Pro · CVE-2018-12250
**Name of the Vulnerable Software and Affected Versions**
Elite CMS Pro version 2.01
**Description**
An issue was discovered in the software, where the `page` parameter in the `/admin/add sidebar.php` API endpoint is vulnerable to SQL injection.
**Recommendations**
For Elite CMS Pro version 2.01, consider restricting access to the `/admin/add sidebar.php` API endpoint until a patch is available, and avoid using the `page` parameter to minimize the risk of exploitation.