CVE-2025-14989

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/search-invoices.php. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...

CampCodes Complete Online Beauty Parlor Management System SQL注入漏洞

Complete Online Beauty Parlor Management System is an online beauty parlor management system. The Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter viewid i...

CampCodes Complete Online Beauty Parlor Management System 代码注入漏洞

Complete Online Beauty Parlor Management System is an online beauty parlor management system. Complete Online Beauty Parlor Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter...

CVE-2025-14989 Campcodes Complete Online Beauty Parlor Management System search-invoices.php sql injection

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/search-invoices.php. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...

CVE-2025-14952 Campcodes Supplier Management System add_category.php sql injection

A vulnerability was detected in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addcategory.php. Performing a manipulation of the argument txtCategoryName results in sql injection. The attack is possible to be carried out remotely. The exploit is now...

EUVD-2025-204301

A vulnerability was identified in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addretailer.php. The manipulation of the argument cmbAreaCode leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly availabl...

CVE-2025-14877 Campcodes Supplier Management System add_retailer.php sql injection

A vulnerability was identified in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addretailer.php. The manipulation of the argument cmbAreaCode leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly availabl...

CVE-2025-14668

A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now publi...

CVE-2025-14668 campcodes Advanced Online Examination System loginExe.php sql injection

A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now publi...

CVE-2025-14668

CVE-2025-14668 affects CampCodes Advanced Online Examination System 1.0. The vulnerability originates from the file /query/loginExe.php where manipulating the Username parameter triggers an SQL injection. The issue can be exploited remotely and public exploit information is available; multiple co...

CVE-2025-14664

CVE-2025-14664 affects Campcodes Supplier Management System 1.0. The issue arises from the processing of the file /admin/view_unit.php where manipulation of the chkId[] parameter leads to an SQL injection. Remote exploitation is possible, and an exploit is publicly available. The Red Hat/EU ENISA...

CVE-2025-14583

A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be...

EUVD-2025-203180

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing manipulation of the argument userphoto results in unrestricted upload. The attack can be initiated remotely. The exploit is n...

CVE-2025-14582

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing a manipulation of the argument userphoto results in unrestricted upload. The attack can be initiated remotely. The exploit is...

CVE-2025-14583

CVE-2025-14583 affects CampCodes Online Student Enrollment System v1.0 in the /admin/register.php handler where manipulating the photo parameter enables unrestricted file upload. This remote vulnerability can be exploited without authentication and is accompanied by published exploit guidance. Re...

CVE-2025-14514

Campcodes Supplier Management System 1.0 contains a SQL injection flaw in the /admin/add_distributor.php handler. The vulnerability is triggered by manipulating txtDistributorAddress, enabling remote exploitation. The attack can be initiated remotely and an exploit has been published, per multipl...

CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in Campcodes Supplier Management System version 1.0, which stems from improper handling of the parameter txtDistributorAddress in the file /admin/adddistributor.php, whic...

PT-2025-50590

A flaw has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/add distributor.php. This manipulation of the argument txtDistributorAddress causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

CVE-2025-13484

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/customer-list.php. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit is...

CVE-2025-13424

A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...