CVE-2024-33806

A SQL injection vulnerability in /model/getgrade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2025-0341

A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument ephoto leads to unrestricted upload. The attack may be...

CVE-2025-0342 CampCodes Computer Laboratory Management System edit cross site scripting

A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument slname leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2025-0342 CampCodes Computer Laboratory Management System edit cross site scripting

A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument slname leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2025-0342

CVE-2025-0342 affects CampCodes Computer Laboratory Management System 1.0. The issue involves the parameter s_lname in the file path /class/edit/edit, where manipulation leads to cross-site scripting. Exploitation is possible remotely and the exploit has been disclosed publicly; other parameters ...

CVE-2025-0341

CampCodes Computer Laboratory Management System 1.0 contains a vulnerability in the /class/edit/edit endpoint where manipulating the e_photo parameter enables unrestricted file upload. This is a remote, unauthenticated-like risk described across multiple sources, with the root cause described as ...

CVE-2025-0212

A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2025-3785 · Unknown · Campcodes Project Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Project Management System version 1.0 Description: A critical issue has been found in the code of the file /forms/update forms.php?action=change pic2&id=4, allowing for unrestricted upload due to the manipulation of the argument fil...

CVE-2024-33402

A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33803

A SQL injection vulnerability in /model/getexam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33802

A SQL injection vulnerability in /model/getstudentsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...

CVE-2024-33804

A SQL injection vulnerability in /model/getsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33807

A SQL injection vulnerability in /model/getteachertimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...

CVE-2024-33802

A SQL injection vulnerability in /model/getstudentsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...

CVE-2024-33801

A SQL injection vulnerability in /model/getsubjectrouting.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33800

A SQL injection vulnerability in /model/getstudent1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...

PT-2024-25487 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the index parameter in the "/model/get student1.php" API endpoint. Recommendations:...

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the id...

PT-2024-25490 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue exists, allowing an attacker to execute arbitrary SQL commands. This is achieved by exploiting the "id" parameter in the "/model/get exam.php...

PT-2024-25485 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get teacher.php" API endpoint. Recommendations: For...