10 matches found
CVE-2025-12338
CVE-2025-12338 affects Campcodes Retro Basketball Shoes Online Store 1.0. A SQL injection vulnerability arises from manipulating the pid argument in the /admin/admin_product.ph (or /admin/admin product.ph) file, allowing remote exploitation. Public PoCs exist; CVSS metrics indicate high impact on...
CVE-2025-12339
The CVE-2025-12339 vulnerability affects Campcodes Retro Basketball Shoes Online Store 1.0, specifically the /admin/admin_football.php component. The issue arises from improper handling of the pid parameter, enabling SQL injection. Exploitation is described as remote-initializable, with public di...
CVE-2025-14529
CVE-2025-14529 affects Campcodes Retro Basketball Shoes Online Store v1.0. The vulnerability is an SQL injection in an unknown function of /admin/admin_running.php triggered by manipulating the pid argument, with remote attack feasibility and published exploits. The issue stems from improper inpu...
CVE-2025-12337
CVE-2025-12337 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerability is a SQL injection in the admin feature, caused by manipulating the pid parameter in the file /admin/admin_feature.php. The issue is exploitable remotely and there are public exploits. Documents consistent...
CVE-2025-13423
CVE-2025-13423 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerability exists in an unknown function within /admin/admin_product.php where manipulating the product_image argument can lead to unrestricted file uploads. This can be exploited remotely; the exploit has been publi...
CVE-2025-13411
CVE-2025-13411 affects Campcodes Retro Basketball Shoes Online Store 1.0. A vulnerability exists in the /admin/admin_football.php handler where manipulating the product_image argument enables unrestricted file uploads. The vulnerability can be exploited remotely, and public exploits exist. Numero...
CVE-2025-12336
CVE-2025-12336 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerability is a SQL injection in the file /admin/admin_index.php caused by manipulation of the Username parameter. It is remote and publicly exploitable. Multiple sources confirm the issue and reference the same vuln...
CVE-2025-13410
CVE-2025-13410 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerable component is the file /admin/receipt.php , where an attacker can manipulate the tid argument to trigger a SQL injection. This is described as a remote, publicly disclosed vulnerability with exploitation detai...
CVE-2025-13412
CVE-2025-13412 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerability resides in /admin/admin_running.php where manipulating the product_name parameter can trigger cross-site scripting. The issue is exploitable remotely, and public disclosures exist. Public sources consisten...
CVE-2025-14219
CVE-2025-14219 concerns Campcodes Retro Basketball Shoes Online Store 1.0. The weakness is in an unknown function of the file /admin/admin_running.php where manipulation of the argument product_image enables unrestricted file upload. This could allow remote attackers to upload arbitrary files, wi...