CVE-2025-15404 campcodes School File Management System save_file.php unrestricted upload

A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...

CampCodes School File Management System 代码问题漏洞

CampCodes School File Management System is a school file management system from CampCodes Philippines. A code issue vulnerability exists in CampCodes School File Management System version 1.0, which stems from an incorrect manipulation of the parameter File in the file /savefile.php resulting in ...

CVE-2025-15214

A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function savepricing of the file adminclass.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and...

CVE-2025-15206

A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/addarea.php. Executing a manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be us...

CVE-2025-15214

A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function savepricing of the file adminclass.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and...

CVE-2025-15214 Campcodes Park Ticketing System admin_class.php save_pricing cross site scripting

A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function savepricing of the file adminclass.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and...

CVE-2025-15214 Campcodes Park Ticketing System admin_class.php save_pricing cross site scripting

A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function savepricing of the file adminclass.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and...

CVE-2025-15214

CVE-2025-15214 affects Campcodes Park Ticketing System 1.0. The vulnerable component is the save_pricing function in admin_class.php, where manipulating the Name/ride argument enables cross-site scripting. The issue is exploitable remotely and exploitation has been publicly disclosed. Multiple so...

EUVD-2025-205652

A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/addarea.php. Executing manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used...

EUVD-2025-205662

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/viewproducts.php. The manipulation of the argument chkId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

PT-2025-53833

Name of the Vulnerable Software and Affected Versions Campcodes Park Ticketing System version 1.0 Description A security issue exists in Campcodes Park Ticketing System version 1.0. The save pricing function within the admin class.php file is susceptible to cross-site scripting XSS due to...

CampCodes Park Ticketing System 代码注入漏洞

CampCodes Park Ticketing System is a park ticketing system from CampCodes Philippines. A code injection vulnerability exists in CampCodes Park Ticketing System version 1.0, which stems from an incorrect manipulation of the parameter Name of the function savepricing in the file adminclass.php, whi...

CVE-2025-15206

A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/addarea.php. Executing a manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be us...

CVE-2025-15207

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/viewproducts.php. The manipulation of the argument chkId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-15207

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/viewproducts.php. The manipulation of the argument chkId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-15206

A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/addarea.php. Executing a manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be us...

CVE-2025-15207 Campcodes Supplier Management System view_products.php sql injection

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/viewproducts.php. The manipulation of the argument chkId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-15207 Campcodes Supplier Management System view_products.php sql injection

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/viewproducts.php. The manipulation of the argument chkId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-15207

CVE-2025-15207 affects Campcodes Supplier Management System 1.0, specifically the file /admin/view_products.php where manipulating the parameter chkId[] enables a SQL injection. Multiple connected documents corroborate remote exploitation and public disclosure of the exploit. Root cause is unsafe...

CVE-2025-15206 Campcodes Supplier Management System add_area.php sql injection

A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/addarea.php. Executing a manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be us...