Lucene search
+L
CampcodesGrocery Sales And Inventory System

15 matches found

CVE
CVE
added 2025/09/16 9:32 p.m.27 views

CVE-2025-10566

CVE-2025-10566 affects Campcodes Grocery Sales and Inventory System 1.0. The vulnerability exploits the page parameter in /index.php?page=users to trigger cross-site scripting, with remote exploitation possible and a publicly available exploit. Affected component is the /index.php?page=users logi...

6.1CVSS5.4AI score0.00322EPSS
CVE
CVE
added 2025/09/14 10:32 p.m.26 views

CVE-2025-10414

The CVE-2025-10414 entry concerns Campcodes Grocery Sales and Inventory System 1.0. The vulnerability is a SQL injection in the file /ajax.php?action=save_customer, triggered by manipulating the ID argument. It is described as remotely exploitable and the exploit has been publicized. Root cause i...

9.8CVSS6.6AI score0.00383EPSS
CVE
CVE
added 2025/09/15 12:2 a.m.26 views

CVE-2025-10417

CVE-2025-10417 affects Campcodes Grocery Sales and Inventory System 1.0. The vulnerability lies in the file /ajax.php?action=delete_product where manipulating the parameter ID results in a SQL injection, enabling remote exploitation. Multiple connected sources confirm the flaw and that exploits h...

9.8CVSS7.3AI score0.00441EPSS
CVE
CVE
added 2025/09/16 7:2 p.m.26 views

CVE-2025-10562

CVE-2025-10562 affects Campcodes Grocery Sales and Inventory System v1.0. The flaw is in /ajax.php?action=save_product where manipulation of the ID parameter enables SQL injection, allowing remote exploitation (exploit published). The CVSS indicates high/critical impact across confidentiality, in...

9.8CVSS6.4AI score0.00398EPSS
CVE
CVE
added 2025/09/14 11:2 p.m.24 views

CVE-2025-10415

CVE-2025-10415 affects Campcodes Grocery Sales and Inventory System version 1.0. The vulnerability is a SQL injection in the file /ajax.php?action=save_supplier caused by manipulation of the ID argument, exploitable remotely. Public exploitation/public disclosure is noted. CVSS details from sourc...

9.8CVSS6.6AI score0.00383EPSS
CVE
CVE
added 2025/09/16 8:2 p.m.23 views

CVE-2025-10563

CVE-2025-10563 affects Campcodes Grocery Sales and Inventory System 1.0. The bug is in /ajax.php?action=save_category where manipulating the ID parameter enables SQL injection. Exploitation is remote and publicly disclosed. Impact is described as high for confidentiality, integrity, and availabil...

9.8CVSS7.3AI score0.00438EPSS
CVE
CVE
added 2025/09/22 6:32 a.m.23 views

CVE-2025-10786

Campaign: CVE-2025-10786 concerns Campcodes Grocery Sales and Inventory System 1.0. The vulnerability resides in the file /ajax.php?action=delete_user, where manipulation of the ID parameter enables SQL injection. Attack is remote and requires no authentication. An exploit has been published and ...

9.8CVSS7.3AI score0.00521EPSS
CVE
CVE
added 2025/09/22 6:2 a.m.22 views

CVE-2025-10785

Campcodes Grocery Sales and Inventory System 1.0 contains a SQL injection in /manage_user.php via manipulation of the ID parameter. The issue is exploitable remotely, and public exploits are available. Multiple sources (NVD, Red Hat, CVE listings, and third-party databases) consistently describe ...

9.8CVSS7.3AI score0.00521EPSS
CVE
CVE
added 2025/09/06 12:32 p.m.21 views

CVE-2025-10032

CVE-2025-10032 – Campcodes Grocery Sales and Inventory System 1.0 has a cross-site scripting flaw in the unknown function of the file /index.php. Manipulating the page parameter allows remote script execution; the exploit is publicly available. Multiple connected sources corroborate the same issu...

6.1CVSS4.2AI score0.00386EPSS
CVE
CVE
added 2025/09/14 10:2 p.m.21 views

CVE-2025-10413

CVE-2025-10413 affects Campcodes Grocery Sales and Inventory System 1.0. The vulnerability is an SQL injection in the file /ajax.php?action=delete_customer, triggered by manipulating the ID parameter. This can be exploited remotely, and public disclosures exist. Connected sources confirm the issu...

9.8CVSS7.3AI score0.00383EPSS
CVE
CVE
added 2025/09/16 8:32 p.m.21 views

CVE-2025-10564

CVE-2025-10564 affects Campcodes Grocery Sales and Inventory System 1.0. The vulnerability is a SQL injection in the unknown function of /ajax.php?action=delete_category, triggered by manipulating the ID parameter. It is exploitable remotely, and the exploit has been made public. Some connected s...

9.8CVSS6.6AI score0.00387EPSS
CVE
CVE
added 2025/09/06 10:32 a.m.20 views

CVE-2025-10030

CVE-2025-10030 concerns Campcodes Grocery Sales and Inventory System 1.0. The vulnerability affects the file /ajax.php?action=save_receiving where manipulation of the argument ID can lead to a SQL injection. It is described as exploitable remotely and the exploit has been made publicly available....

9.8CVSS7.3AI score0.00441EPSS
CVE
CVE
added 2025/09/16 8:32 p.m.20 views

CVE-2025-10565

CVE-2025-10565 affects Campcodes Grocery Sales and Inventory System 1.0. A SQL injection exists in the /ajax.php?action=delete_receiving endpoint, triggered by manipulating the ID parameter. Several connected sources confirm remote exploitation possibilities and public disclosure of the exploit. ...

9.8CVSS6.6AI score0.00387EPSS
CVE
CVE
added 2025/09/06 12:2 p.m.19 views

CVE-2025-10031

The CVE-2025-10031 entry concerns Campcodes Grocery Sales and Inventory System 1.0. The vulnerability is a SQL injection in the /ajax.php?action=delete_sales function caused by improper handling of the ID parameter, enabling remote exploitation. Public disclosures exist; CVSS vectors indicate hig...

9.8CVSS6.7AI score0.00441EPSS
CVE
CVE
added 2025/09/14 11:32 p.m.19 views

CVE-2025-10416

Campcodes Grocery Sales and Inventory System 1.0 has a SQL injection vulnerability in /ajax.php?action=delete_supplier caused by unsafely handling the ID parameter. This remote‑accessible flaw can lead to unauthorized database access and manipulation; public exploits exist. Root cause: improper i...

9.8CVSS7.3AI score0.00387EPSS