Lucene search
K
CampcodesOnline Loan Management System

9 matches found

CVE
CVE
added 2025/08/31 8:2 p.m.28 views

CVE-2025-9744

CVE-2025-9744 affects Campcodes Online Loan Management System 1.0. A SQL injection vulnerability exists in the /ajax.php?action=login endpoint triggered by manipulating the Username parameter, enabling remote exploitation and potentially unauthorized access or data modification. Public exploits a...

9.8CVSS7.4AI score0.01664EPSS
CVE
CVE
added 2025/08/27 2:32 a.m.25 views

CVE-2025-9502

CVE-2025-9502 affects Campcodes Online Loan Management System v1.0. The vulnerability is an SQL injection in the function/file /ajax.php?action=save_payment (and variations like /ajax.php?action=save payment) caused by manipulation of the loan_id parameter. Attacks can be launched remotely and, p...

9.8CVSS7.5AI score0.00387EPSS
CVE
CVE
added 2025/08/27 3:2 a.m.23 views

CVE-2025-9503

This CVE records a SQL injection in Campcodes Online Loan Management System 1.0, specifically in an unknown function of /ajax.php?action=save_borrower where manipulating the lastname parameter can trigger exploitation. The vulnerability enables remote execution and has publicly disclosed exploits...

9.8CVSS7.8AI score0.00387EPSS
CVE
CVE
added 2025/08/27 4:2 a.m.19 views

CVE-2025-9506

CVE-2025-9506 affects Campcodes Online Loan Management System v1.0. The vulnerability is an SQL injection in the file /ajax.php?action=delete_plan caused by improper handling/manipulation of the ID parameter. It is exploitable remotely, with exploitation publicly disclosed. Connected sources corr...

9.8CVSS7.6AI score0.00387EPSS
CVE
CVE
added 2025/08/27 3:32 a.m.18 views

CVE-2025-9504

CVE-2025-9504 affects Campcodes Online Loan Management System 1.0. The vulnerability is an SQL injection in an unknown functionality of the file /ajax.php?action=save_plan, caused by manipulation of the ID argument. Exploitation can be performed remotely, and public exploits are available. Techni...

9.8CVSS7.7AI score0.00387EPSS
CVE
CVE
added 2025/09/08 10:32 p.m.17 views

CVE-2025-10109

CVE-2025-10109 affects Campcodes Online Loan Management System version 1.0. The vulnerability arises from improper handling of the parameter ID in the file /ajax.php?action=delete_payment, allowing remote attackers to execute SQL injection. Public exploitation has been disclosed. Affected product...

9.8CVSS7AI score0.00387EPSS
CVE
CVE
added 2025/08/27 3:32 a.m.17 views

CVE-2025-9505

CVE-2025-9505 affects Campcodes Online Loan Management System 1.0. The issue is a SQL injection in the file /ajax.php?action=save_loan_type caused by improper handling of the ID parameter. It's a network-exposed vulnerability with the potential for remote exploitation, and an exploit has been pub...

9.8CVSS7.4AI score0.00441EPSS
CVE
CVE
added 2025/08/29 9:32 p.m.17 views

CVE-2025-9678

CVE-2025-9678 affects Campcodes Online Loan Management System 1.0. The vulnerability is an SQL injection in the /ajax.php?action=delete_borrower endpoint, caused by manipulation of the ID parameter. It can be triggered remotely over the network and is publicly exploit-able according to the source...

9.8CVSS7.4AI score0.00387EPSS
CVE
CVE
added 2025/09/08 10:2 p.m.16 views

CVE-2025-10108

CVE-2025-10108 affects Campcodes Online Loan Management System 1.0. The vulnerability is a SQL injection in the /ajax.php?action=delete_loan handler triggered by manipulating the ID parameter. It is exploitable remotely and an exploit is public, implying potential for unauthorized data access or ...

9.8CVSS7AI score0.00441EPSS