CVE-2025-51667: simple-admin-core SQL Injection vulnerability
An issue was discovered in simple-admin-core v1.2.0 through v1.6.7. The /sys-api/role/update interface has a limited SQL injection vulnerability, which may lead to partial data leakage or disruption of normal system operations.
References
- gist.github.com/66Giraffe66/fc258f7fcc65a6a1a1a01e217977b92d
- github.com/advisories/GHSA-f2m2-4q6r-cwc4
- github.com/suyuan32/simple-admin-core
- github.com/suyuan32/simple-admin-core/commit/f1e2c4f3c55cd5953ad7f7b0706df48adaaeb18a
- github.com/suyuan32/simple-admin-core/issues/333
- nvd.nist.gov/vuln/detail/CVE-2025-51667