CVE-2025-9678
CVE-2025-9678 affects Campcodes Online Loan Management System 1.0. The vulnerability is an SQL injection in the /ajax.php?action=delete_borrower endpoint, caused by manipulation of the ID parameter. It can be triggered remotely over the network and is publicly exploit-able according to the source...