CVE-2021-47916

Name of the Vulnerable Software and Affected Versions Simple CMS version 2.1

Description The software contains a remote SQL injection issue that may allow attackers with elevated privileges to inject unfiltered SQL commands within the users module. Exploitation occurs through unvalidated input parameters in the admin.php file, potentially leading to compromise of the database management system and the web application itself. The vulnerable parameter is not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.