Lucene search
+L

229 matches found

Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.11 views

PT-2025-49097

Name of the Vulnerable Software and Affected Versions EduplusCampus version 3.0.1 Description An Insecure Direct Object Reference IDOR exists in the Student Payment API. Authenticated users can access other students’ personal and financial records by manipulating the rec no parameter within the...

6.7AI score0.00302EPSS
Exploits3References7
CVE
CVE
added 2025/12/04 12:0 a.m.34 views

CVE-2025-61148

CVE-2025-61148 describes an Insecure Direct Object Reference (IDOR) in EduplusCampus 3.0.1, specifically the Student Payment API. An authenticated user can access other students’ personal and financial records by altering the rec_no parameter in the /student/get-receipt endpoint. The issue is roo...

6.5CVSS6.3AI score0.00302EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Storm
added 2025/12/03 12:0 a.m.351 views

📄 EduplusCampus 3.0.1 Insecure Direct Object Reference

A critical insecure direct object reference vulnerability was identified in the EduplusCampus student portal version 3.0.1. This vulnerability allows an authenticated user to access the sensitive personal and financial records of other students by modifying the recno parameter in the API request...

6.5CVSS6.8AI score0.00302EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/11/20 9:36 p.m.4 views

CVE-2025-13410

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...

9.8CVSS7AI score0.00379EPSS
Exploits1References1
OSV
OSV
added 2025/11/19 9:15 p.m.5 views

CVE-2025-13410

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...

9.8CVSS5.8AI score0.00379EPSS
Exploits1References5
NVD
NVD
added 2025/11/19 9:15 p.m.5 views

CVE-2025-13410

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...

9.8CVSS0.00379EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/19 8:32 p.m.17 views

CVE-2025-13410 Campcodes Retro Basketball Shoes Online Store receipt.php sql injection

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...

7.5CVSS0.00379EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/19 8:32 p.m.3 views

CVE-2025-13410 Campcodes Retro Basketball Shoes Online Store receipt.php sql injection

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...

7.5CVSS7.3AI score0.00379EPSS
Exploits1References5
CVE
CVE
added 2025/11/19 8:32 p.m.17 views

CVE-2025-13410

CVE-2025-13410 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerable component is the file /admin/receipt.php , where an attacker can manipulate the tid argument to trigger a SQL injection. This is described as a remote, publicly disclosed vulnerability with exploitation detai...

9.8CVSS6.8AI score0.00379EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.6 views

CampCodes Retro Basketball Shoes Online Store SQL注入漏洞

CampCodes Retro Basketball Shoes Online Store is an online store for retro basketball shoes from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Retro Basketball Shoes Online Store version 1.0, which stems from incorrect manipulation of the parameter tid in the file...

9.8CVSS7.7AI score0.00379EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.14 views

PT-2025-47529

Name of the Vulnerable Software and Affected Versions Campcodes Retro Basketball Shoes Online Store version 1.0 Description A SQL injection issue exists in Campcodes Retro Basketball Shoes Online Store version 1.0. The issue is related to the manipulation of the tid argument in the...

7.5CVSS7.4AI score0.00379EPSS
Exploits1References9
Schneier on Security
Schneier on Security
added 2025/11/07 12:1 p.m.8 views

Faking Receipts with AI

Over the past few decades, it's become easier and easier to create fake receipts. Decades ago, it required special paper and printers--I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized, and faking them required...

6.7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52459

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-51471

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50422

Malicious code in bioql PyPI...

3.7CVSS8.7AI score0.00347EPSS
Exploits0References2
CVE
CVE
added 2025/08/30 6:2 p.m.20 views

CVE-2025-9701

CVE-2025-9701 affects SourceCodester Simple Cafe Billing System 1.0. The vulnerability is a SQL injection in the file /receipt.php, caused by manipulation of the ID parameter, enabling remote exploitation. Multiple linked sources (NVD, Red Hat, CVE lists, and security notes) confirm remote attack...

9.8CVSS7.3AI score0.00383EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/08/30 12:0 a.m.3 views

SourceCodester Simple Cafe Billing System 安全漏洞

SourceCodester Simple Cafe Billing System is an open source cafe billing system from SourceCodester. A security vulnerability exists in SourceCodester Simple Cafe Billing System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter ID in the file...

9.8CVSS7.7AI score0.00383EPSS
Exploits1References7
OSV
OSV
added 2025/07/13 6:15 p.m.3 views

CVE-2025-7536

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/receiptcredit.php. The manipulation of the argument sid leads to sql injection. The attack may be launched remotely. The...

9.8CVSS5.8AI score0.00491EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/13 12:0 a.m.3 views

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter sid in the file /pages/receiptcredit.php...

9.8CVSS7.8AI score0.00491EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2025/07/10 11:44 a.m.99 views

Complete Insurance Agency Management System

Campcodes Complete Sales and Inventory System V1.0 /pages/rece...

8.3AI score
Exploits0
Rows per page
Query Builder