Code-projects Simple Admin Panel

14 matches found

CVE
added 2024/02/14 12:0 a.m. | 89 views

CVE-2024-25223

CVE-2024-25223 affects Simple Admin Panel App v1.0. A SQL injection in the orderID parameter of /adminView/viewEachOrder.php is documented, with CVSS v3.1 base score 9.8 (CRITICAL) affecting confidentiality, integrity, and availability. Connected sources consistently identify the same vector. A f...

9.8 CVSS | 8.1 AI score | 0.00628 EPSS
Web
CVE
added 2024/02/14 12:0 a.m. | 71 views

CVE-2024-25226

CVE-2024-25226: The connected sources consistently describe a Cross-Site Scripting (XSS) vulnerability in Simple Admin Panel App v1.0, exploitable via a crafted payload injected into the Category Name parameter of the Add Category function. Impacted component: the Add Category workflow; vulnerab...

6.1 CVSS | 5.7 AI score | 0.00378 EPSS
CVE
added 2024/12/26 5:0 a.m. | 68 views

CVE-2024-12936

code-projects Simple Admin Panel 1.0 is affected by a SQL injection in the catDeleteController.php file. The vulnerability arises from improper handling of the record parameter, allowing an attacker to manipulate this input remotely over the network. Exploitation has been disclosed publicly, indi...

9.8 CVSS | 6.8 AI score | 0.00544 EPSS
CVE
added 2024/12/25 11:31 p.m. | 67 views

CVE-2024-12928

CVE-2024-12928 affects code-projects Simple Admin Panel 1.0. The vulnerability is a SQL injection triggered by the c_name parameter; it can be exploited remotely, and an exploit has been publicly disclosed. Multiple connected sources corroborate the issue, including Red Hat and PT Security entries referenc...

8.8 CVSS | 6.8 AI score | 0.0038 EPSS
CVE
added 2024/02/14 12:0 a.m. | 67 views

CVE-2024-25224

CVE-2024-25224 affects Simple Admin Panel App v1.0, with a cross-site scripting (XSS) vulnerability in the Add Size function, exploitable via crafted payloads to the Size Number parameter. Root cause is improper handling of input in that parameter, enabling arbitrary web script/HTML execution. Th...

5.4 CVSS | 5.7 AI score | 0.00375 EPSS
CVE
added 2024/12/26 4:31 a.m. | 66 views

CVE-2024-12935

The CVE-2024-12935 entry concerns code-projects Simple Admin Panel 1.0. The vulnerability is a SQL injection in the editItemForm.php file, affecting the argument record and allowing remote exploitation. Multiple sources (NVD, CVE records, and vendor feeds) confirm the flaw and its critical classi...

9.8 CVSS | 7.1 AI score | 0.00544 EPSS
CVE
added 2024/12/26 6:0 a.m. | 66 views

CVE-2024-12938

CVE-2024-12938 affects code-projects Simple Admin Panel 1.0, with a vulnerability in the updateOrderStatus.php file. The issue arises from unsafely handling the record argument, leading to SQL injection. Exploitation is described as remote, and public disclosure of the exploit is noted in multipl...

9.1 CVSS | 6.9 AI score | 0.00511 EPSS
CVE
added 2024/02/14 12:0 a.m. | 65 views

CVE-2024-25225

CVE-2024-25225 affects Simple Admin Panel App v1.0, with a cross-site scripting (XSS) flaw in the Add Category function, exploitable via crafted payloads in the Category Name field. Root cause: input that is not properly sanitized in the Add Category workflow. Impact is described as arbitrary web...

6.1 CVSS | 5.7 AI score | 0.00411 EPSS
CVE
added 2024/12/26 4:0 a.m. | 59 views

CVE-2024-12934

CVE-2024-12934 affects Code-Projects Simple Admin Panel 1.0. The vulnerability is an SQL injection in the updateItemController.php file, triggered by the p_desk (or p desk) parameter. It is possible to initiate the attack remotely, and public exploits have been disclosed. Multiple connected sourc...

8.8 CVSS | 6.9 AI score | 0.0038 EPSS
CVE
added 2024/12/26 3:31 a.m. | 58 views

CVE-2024-12933

The CVE-2024-12933 entry concerns code-projects Simple Admin Panel 1.0. Affected component: updateItemController.php; root cause: manipulation of the arguments p_name and p_desc enables cross-site scripting (XSS). A remote attacker could exploit this via the affected API endpoint. Documents consi...

5.4 CVSS | 3.8 AI score | 0.00383 EPSS
CVE
added 2024/12/26 5:31 a.m. | 55 views

CVE-2024-12937

Summary of CVE-2024-12937 (code-projects Simple Admin Panel 1.0): The vulnerability affects the addVariationController.php file, where an unknown function processes the qty argument, enabling SQL injection. The issue can be triggered remotely and has public exploit disclosure. Connected advisories...

8.8 CVSS | 6.8 AI score | 0.00519 EPSS
CVE
added 2024/12/26 2:31 a.m. | 53 views

CVE-2024-12931

CVE-2024-12931 affects code-projects Simple Admin Panel 1.0. The vulnerable element is an unknown function in the file /addCatController.php where manipulating the size parameter yields an SQL injection. This enables remote exploitation and the exploit has been publicly disclosed. Multiple source...

8.8 CVSS | 6.8 AI score | 0.00519 EPSS
CVE
added 2024/12/26 1:0 a.m. | 49 views

CVE-2024-12930

The CVE-2024-12930 entry concerns code-projects Simple Admin Panel 1.0. The vulnerable component is addCatController.php, where manipulation of the c_name argument enables cross-site scripting (XSS). Reports indicate the issue can be exploited remotely. Affected product/version: code-projects Sim...

5.3 CVSS | 3.8 AI score | 0.00383 EPSS
CVE
added 2024/12/26 3:0 a.m. | 48 views

CVE-2024-12932

CVE-2024-12932 affects Code-Projects Simple Admin Panel 1.0, specifically the addSizeController.php file. The vulnerability arises from manipulating the size parameter, which leads to cross-site scripting (XSS). The issue can be exploited remotely. Available connected documents confirm the co...

5.3 CVSS | 3.8 AI score | 0.00383 EPSS