39 matches found
CVE-2025-4502
CVE-2025-4502 concerns Campcodes Sales and Inventory System 1.0. A SQL injection vulnerability resides in the creditor_add.php file, enabling remote exploitation. Multiple connected sources consistently describe a critical impact from manipulating this file, with exploitation disclosed publicly. ...
CVE-2025-4503
CVE-2025-4503 affects Campcodes Sales and Inventory System 1.0. The vulnerability is an SQL injection in the file /pages/customer_update.php caused by manipulating the ID parameter. It is described as exploitable remotely with public disclosures. The CVSS data across sources indicate high-impact ...
CVE-2025-4710
CVE-2025-4710 affects Campcodes Sales and Inventory System 1.0. The vulnerable component is /pages/transaction.php, where manipulation of the cid parameter enables SQL injection. Attacks may be executed remotely. Public exploit information is present in multiple sources. There is no explicit patc...
CVE-2025-4715
Campcodes Sales and Inventory System 1.0 contains a SQL injection in the /pages/view_application.php file. The vulnerability is triggered by manipulating the cid parameter, allowing remote exploitation. Multiple sources in the provided documents confirm the issue and its public disclosure, with n...
CVE-2025-4718
CVE-2025-4718 affects Campcodes Sales and Inventory System v1.0. A vulnerability in /pages/customer_add.php allows manipulation of the last parameter to perform SQL injection, with remote exploitation and public disclosure. Multiple sources corroborate the issue across NVD/Red Hat/CVE list entrie...
CVE-2025-4886
CVE-2025-4886 affects itsourcecode Sales and Inventory System 1.0. The vulnerability is a SQL injection in the file /pages/product_update.php caused by manipulation of the serial parameter. It can be exploited remotely and the exploit has been disclosed publicly; other parameters may be affected ...
CVE-2025-4885
CVE-2025-4885 affects the iSourcecode Sales and Inventory System 1.0. The vulnerability targets an unknown function in the file /pages/product_add.php, where manipulation of the serial parameter leads to an SQL injection. It is exploitable remotely, and the exploit has been disclosed publicly. Mu...
CVE-2025-4708
CVE-2025-4708 affects Campcodes Sales and Inventory System 1.0. The issue is an SQL injection in an unknown function of the file /pages/sales_add.php, triggered by manipulating the discount parameter. It is exploitable remotely, and the exploit has been disclosed publicly. Several connected sourc...
CVE-2025-4709
CVE-2025-4709 affects Campcodes Sales and Inventory System 1.0. The vulnerability is in an unknown functionality of the file /pages/transaction_del.php , where manipulating the ID parameter leads to an SQL injection. The issue is exploitable remotely and has been publicly disclosed. Multiple conn...
CVE-2025-4746
CVE-2025-4746 affects Campcodes Sales and Inventory System v1.0. The vulnerability is in /pages/purchase_delete.php where unsafely using the pr_id parameter enables remote SQL injection, potentially exposing database data. Public exploitation is noted in some sources. No patch/version fix is desc...
CVE-2025-4707
Campcodes Sales and Inventory System 1.0 is affected by CVE-2025-4707. The vulnerability arises from improper handling of the prod_name argument in the file /pages/transaction_add.php, enabling SQL injection. It can be triggered remotely, and multiple sources note public disclosure. In practice, ...
CVE-2025-4714
CVE-2025-4714 affects Campcodes Sales and Inventory System 1.0. The vulnerability is an SQL injection in the file /pages/reprint.php caused by manipulating the sid parameter, with remote exploitation possible. Several sources confirm impact and disclosure status, noting the issue is critical. No ...
CVE-2025-4716
The CVE-2025-4716 entry concerns Campcodes Sales and Inventory System v1.0. Affected component: the PHP file /pages/credit_transaction_add.php, where manipulating the prod_name parameter leads to an SQL injection. The vulnerability is exploitable remotely and exploitation has been publicly disclo...
CVE-2025-4719
CVE-2025-4719 affects Campcodes Sales and Inventory System v1.0. The flaw is in /pages/cash_transaction.php where manipulating the cid parameter enables SQL injection. Exploitation can be remote; public exploits exist. Documentation shows critical impact, but remediation details (official patch) ...
CVE-2025-4735
CVE-2025-4735 concerns Campcodes Sales and Inventory System 1.0. Affected functionality is in the file /pages/product.php where the Picture parameter is manipulated, leading to unrestricted/arbitrary file upload. The issue can be exploited remotely and the exploit has been disclosed publicly. Doc...
CVE-2025-4900
CVE-2025-4900 affects Campcodes Sales and Inventory System 1.0. The vulnerability is in the /pages/payment.php file where manipulation of the cid parameter enables SQL injection. Exploitation is reported as remote and the exploit has been disclosed publicly. Affected component is an unknown funct...
CVE-2025-4734
CVE-2025-4734 affects Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/ci_update.php; manipulating the Name (and/or id/name) parameter leads to SQL injection. Exploitation is possible remotely and has been disclosed publicly. Multiple sources describe a...
CVE-2025-4712
CVE-2025-4712 affects Campcodes Sales and Inventory System 1.0. The vulnerability is a SQL injection in the /pages/account_summary.php file, triggered by manipulating the cid argument. It is exploitable remotely and has publicly disclosed exploit details, per multiple connected sources (NVD, Red ...
CVE-2025-4713
Summary: CVE-2025-4713 affects Campcodes Sales and Inventory System 1.0, with a SQL injection vulnerability in the /pages/print.php handler. The root cause is improper handling of the sid parameter, enabling remote exploitation. Public exploit exposure is noted in several references (NVD/Red Hat/...
CVE-2025-4711
CVE-2025-4711 affects Campcodes Sales and Inventory System 1.0. The vulnerability resides in the file /pages/stockin_add.php where manipulating the parameter prod_name leads to a SQL injection . It can be initiated remotely, and multiple sources describe the issue as critical . The connected docu...
CVE-2025-4814
CVE-2025-4814 affects Campcodes Sales and Inventory System 1.0. A SQL injection vulnerability exists in the /pages/supplier_add.php file, caused by unsafe handling of the Name parameter. The issue is exploitable remotely and has had exploits disclosed publicly. Multiple sources classify the impac...
CVE-2025-4815
CVE-2025-4815 affects Campcodes Sales and Inventory System v1.0. The vulnerability is a SQL injection in the file /pages/supplier_update.php triggered by manipulating the Name argument, potentially exploitable remotely. The exploitation was disclosed publicly. Connected sources corroborate the is...
CVE-2025-4899
CVE-2025-4899 affects Campcodes Sales and Inventory System 1.0. The vulnerability lies in the /pages/transaction_update.php file where the ID parameter is manipulated, enabling SQL injection. This can be exploited remotely, and the exploit has been publicly disclosed. Remediation guidance from PT...
CVE-2025-4741
CVE-2025-4741 affects Campcodes Sales and Inventory System 1.0. The vulnerability resides in the file /pages/purchase_add.php where the ID parameter can be manipulated to cause a SQL injection. Exploitation is described as remote and the vulnerability is publicly disclosed. Multiple connected sou...
CVE-2025-6314
CVE-2025-6314 affects Campcodes Sales and Inventory System 1.0. The vulnerability is an SQL injection in the file /pages/cat_update.php triggered by manipulating the ID parameter. Exploitation is remote, and public exploits are reported. Product details in the connected docs consistently point to...
CVE-2025-6935
CVE-2025-6935 affects Campcodes Sales and Inventory System 1.0. The vulnerability is in the file /pages/payment_add.php, where manipulating the parameter cid leads to SQL injection. Attackers could exploit this remotely, and public disclosures exist. Multiple sources (NVD entry and Red Hat/CVE re...
CVE-2025-7469
CVE-2025-7469 affects Campcodes Sales and Inventory System 1.0. The vulnerability is an SQL injection in the handling of the prod_name argument in the file /pages/product_add.php, caused by improper input processing. Exploitation can be remote and the exploit has been disclosed publicly. The issu...
CVE-2025-7535
CVE-2025-7535 affects Campcodes Sales and Inventory System 1.0. The vulnerability is in an unknown function of /pages/reprint_cash.php where manipulation of the sid parameter enables SQL injection. Exploitation is possible remotely and public disclosure has occurred. Connected sources confirm the...
CVE-2025-7536
CVE-2025-7536 affects Campcodes Sales and Inventory System 1.0. Affected component: the file /pages/receipt_credit.php, where manipulating the sid parameter triggers a SQL injection. Exploitation is remote and the exploit has been disclosed publicly. Several sources (NVD, RH, etc.) cite a critica...
CVE-2025-6313
CVE-2025-6313 affects Campcodes Sales and Inventory System 1.0. A vulnerability in /pages/cat_add.php allows SQL injection via the Category parameter. It is remotely exploitable, with public disclosure of the exploit. Multiple sources confirm impact and configuration details but do not provide a ...
CVE-2025-6311
CVE-2025-6311 affects Campcodes Sales and Inventory System 1.0, with vulnerability located in the file /pages/account_add.php. The issue arises from manipulation of the id/amount parameter, enabling SQL injection that can be exploited remotely and has been disclosed publicly. Multiple sources con...
CVE-2025-7183
CVE-2025-7183 affects Campcodes Sales and Inventory System 1.0, specifically the file /pages/customer_account.php where the manipulation of the parameter Customer leads to a SQL injection. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly. Multiple connected...
CVE-2025-7538
The CVE-2025-7538 entry describes a critical unrestricted upload vulnerability in Campcodes Sales and Inventory System 1.0. It affects unknown code within the file /pages/product_update.php where manipulating the image argument enables remote exploitation. The exploit has been publicly disclosed,...
CVE-2025-7470
CVE-2025-7470 affects Campcodes Sales and Inventory System 1.0. The vulnerability is in the /pages/product_add.php file where manipulating the image parameter enables unrestricted file upload from remote attackers. Public disclosure of the exploit is noted across multiple sources. Root cause: ins...
CVE-2025-9922
CVE-2025-9922 affects Campcodes Sales and Inventory System 1.0, where manipulating the page parameter in /index.php enables cross-site scripting (XSS). The vulnerability is exploitable remotely and exploit leverages an unknown functionality in /index.php. Public disclosures exist. Impact is limit...
CVE-2025-7537
CVE-2025-7537 affects Campcodes Sales and Inventory System 1.0. The vulnerability is an SQL injection in the file “/pages/product_update.php” caused by improper handling of the ID parameter, enabling remote exploitation. Public exploit/disclosure is noted. Impact is described as high/critical dep...
CVE-2025-9923
CVE-2025-9923 — Affected product: Campcodes Sales and Inventory System 1.0. The flaw is a cross-site scripting (XSS) vulnerability in an unknown part of the file /index.php, triggered by manipulating the page argument. The attack can be launched remotely, and exploits have been published. Public ...
CVE-2025-6312
CVE-2025-6312 affects Campcodes Sales and Inventory System v1.0, with SQL injection in /pages/cash_transaction.php via the cid parameter. The vulnerability is exploitable remotely and exploits have been disclosed publicly. Multiple sources (including Red Hat and PT Security) indicate a lack of a ...
CVE-2025-7933
CVE-2025-7933 affects Campcodes Sales and Inventory System 1.0, specifically the Setting Handler’s /pages/settings_update.php where manipulating the ID argument causes a SQL injection. This is exploitable remotely and the exploit has been disclosed publicly. Remediation guidance across connected ...