CVE-2024-12933

Name of the Vulnerable Software and Affected Versions code-projects Simple Admin Panel version 1.0

Description A vulnerability was found in the Simple Admin Panel, affecting some unknown functionality of the file updateItemController.php. The manipulation of the argument p name/p desc leads to cross-site scripting. The attack may be launched remotely.

Recommendations For version 1.0, consider disabling the functionality related to the updateItemController.php file until a patch is available. Restrict access to the p name and p desc arguments in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.