CVE-2024-12932

LOW

Code-projects Simple Admin Panel - Code Injection

Title source: rule

Description

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting. The attack can be launched remotely.

References (5)

[Product] https://code-projects.org/

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.289285

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.289285

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.468123

[Product] https://code-projects.org/simple-admin-panel-in-php-with-source-code/

Scores

CVSS v3 3.5

EPSS 0.0017

EPSS Percentile 37.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Classification

CWE

CWE-94 CWE-79

Status published

Affected Products (1)

code-projects/simple_admin_panel

Timeline

Published Dec 26, 2024

Tracked Since Feb 18, 2026