CVE-2024-12935

Name of the Vulnerable Software and Affected Versions code-projects Simple Admin Panel version 1.0

Description A critical vulnerability was found in the Simple Admin Panel, affecting unknown code in the editItemForm.php file. The manipulation of the argument record leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling access to the editItemForm.php file until a patch is available. Restrict the manipulation of argument records to minimize the risk of SQL injection. Avoid using the affected file for remote operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.