10 matches found
CVE-2025-6957
Campcodes Employee Management System 1.0 has a SQL injection in /process/eprocess.php caused by manipulating the mailuid parameter. Remote exploitation is possible, and public PoC/exploit information exists. The vulnerability is described as critical/high depending on source, with impact on confi...
CVE-2025-6962
The CVE-2025-6962 entry concerns Campcodes Employee Management System 1.0. The vulnerability is an SQL injection in the /myprofileup.php file triggered by manipulating the ID parameter, with remote exploitation possible and public disclosure of exploits. Concrete details across connected document...
CVE-2025-6954
CVE-2025-6954 concerns Campcodes Employee Management System 1.0, where an attacker can exploit SQL injection by manipulating the ID argument in /applyleave.php. The root cause is improper handling of the ID parameter, enabling remote exploitation with no user interaction. Reported CVSS metrics in...
CVE-2025-6958
CVE-2025-6958 affects Campcodes Employee Management System 1.0. The vulnerability is an SQL injection in the processing of the file /edit.php triggered by manipulating the id/ID parameter, enabling remote exploitation. Multiple sources (NVD, Red Hat, CVE lists, PT-SEC) corroborate the impact as c...
CVE-2025-6961
CVE-2025-6961 affects Campcodes Employee Management System 1.0, with a SQL injection in /mark.php caused by manipulation of the ID parameter. Exploitation is network-remotely executable and publicly disclosed. Affected software is CMS v1.0; root cause is improper handling of the ID argument in ma...
CVE-2025-6963
CVE-2025-6963 affects Campcodes Employee Management System 1.0, with the SQL injection arising from improper handling of the ID parameter in /myprofile.php. The vulnerability targets unknown code paths in that file and can be triggered remotely. Multiple sources describe it as a critical issue wi...
CVE-2025-6956
CVE-2025-6956 affects Campcodes Employee Management System 1.0. The vulnerability is an SQL injection in the file /changepassemp.php caused by manipulation of the ID parameter, allowing remote exploitation. Multiple sources confirm a critical severity and public exploitation potential. A practica...
CVE-2025-6955
CVE-2025-6955 affects Campcodes Employee Management System 1.0, with a vulnerability in the /process/aprocess.php file where manipulating the mailuid parameter causes an SQL injection. The issue is exploitable remotely and has public PoC/details in multiple sources; exploitation details are not u...
CVE-2025-6959
The CVE-2025-6959 entry concerns Campcodes Employee Management System 1.0. The vulnerability affects an unknown function in the file /eloginwel.php where manipulation of the ID parameter enables SQL injection. It is exploitable remotely and, according to the sources, the exploit has been disclose...
CVE-2025-6960
CVE-2025-6960 affects Campcodes Employee Management System v1.0. The vulnerability is an SQL injection in an unknown functionality of the file /empproject.php caused by manipulation of the ID argument. It is exploitable remotely and has been disclosed publicly. Multiple sources corroborate a seve...