3 matches found
CVE-2025-8952
CVE-2025-8952 affects Campcodes Online Flight Booking Management System 1.0. The vulnerability is in the login component, specifically the unknown functionality of /admin/ajax.php?action=login, where manipulating the Username parameter leads to an SQL injection. It can be executed remotely over t...
CVE-2025-8957
CVE-2025-8957 affects Campcodes Online Flight Booking Management System 1.0. The vulnerability is an SQL injection in the file /flights.php via the departure_airport_id parameter. It can be exploited remotely, and public disclosures exist. Connected documents consistently describe the issue and i...
CVE-2025-8960
The affected product is Campcodes Online Flight Booking Management System 1.0. The vulnerability exists in the /admin/save_airlines.php functionality and is triggered by manipulating the ID parameter to cause SQL injection. Exploitation is remote and the exploit has been publicly disclosed. Impac...