3 matches found
CVE-2024-2832
Summary of CVE-2024-2832 : Campcodes Online Shopping System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the file /offersmail.php caused by improper handling of the email parameter. The issue allows an attacker to inject malicious scripts via remote access, with exploitation d...
CVE-2025-9691
CVE-2025-9691 affects Campcodes Online Shopping System 1.0; in /login.php, manipulating the Password argument enables SQL injection. This remote flaw is supported by multiple sources (NVD/Red Hat and others) and, per PT-2025-35361, a temporary mitigation is to restrict access to /login.php. Explo...
CVE-2025-9692
CVE-2025-9692 affects Campcodes Online Shopping System 1.0. The vulnerability is an SQL injection in /product.php via the p parameter. The attack can be performed remotely, and public exploit details exist. No patch/version fix information is provided in the supplied documents; remediation status...