PT-2025-47530

Name of the Vulnerable Software and Affected Versions Campcodes Retro Basketball Shoes Online Store version 1.0 Description A flaw exists that allows for unrestricted file uploads. This is possible through manipulation of the product image argument in the /admin/admin football.php file. The attac...

CampCodes Online Hospital Management System 安全漏洞

CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. A security vulnerability exists in CampCodes Online Hospital Management System version 1.0, which is caused by a SQL injection in the username parameter of the /admin/index.php file...

CVE-2025-63719

CVE-2025-63719 affects Campcodes Online Hospital Management System 1.0. A SQL Injection flaw exists in the admin panel at /admin/index.php, exploitable through the username parameter. The CVE’s metrics show a CVSS 3.1 base score of 7.3 (HIGH) with network access and no privileges required, and lo...

CVE-2025-13291

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-13273

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be...

CVE-2025-13271

A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-13272

A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /managecourse.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be us...

CVE-2025-13269

A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=savepayment. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-13270

A vulnerability was found in Campcodes School Fees Payment Management System 1.0. This affects an unknown function of the file /ajax.php?action=savecourse. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could...

CVE-2025-13260

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/editproduct.php. Such manipulation of the argument cmbProductUnit leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-13259

A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/editunit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

CVE-2025-13291

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-13291

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-13291 Campcodes Supplier Management System confirm_order.php sql injection

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-13291 Campcodes Supplier Management System confirm_order.php sql injection

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

EUVD-2025-197855

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be...

CVE-2025-13291

CVE-2025-13291 affects Campcodes Supplier Management System 1.0. The SQL injection vulnerability resides in the /manufacturer/confirm_order.php file, triggered by manipulating the ID parameter. It is remotely exploitable and the exploit has been made public. Impact is described with high confiden...

CVE-2025-13274

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deletefees. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...

CVE-2025-13274

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deletefees. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...

CVE-2025-13273

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be...