8 matches found
CVE-2025-13274
CVE-2025-13274 affects Campcodes School Fees Payment Management System 1.0. The vulnerability is a SQL injection in the /ajax.php?action=delete_fees handler, caused by manipulation of the ID parameter. It can be exploited remotely and an exploit has been made public. The available connected docum...
CVE-2025-13272
CVE-2025-13272 affects Campcodes School Fees Payment Management System 1.0. The vulnerability is a SQL injection in the /manage_course.php file, triggered by manipulating the ID parameter in an unknown function. It is exploitable remotely and a public exploit is available. Impact is described as ...
CVE-2025-12612
CVE-2025-12612 affects Campcodes School Fees Payment Management System 1.0. The vulnerability stems from improper handling of the parameter in the /ajax.php?action=delete_course path, where manipulation of the ID enables a SQL injection. The issue is exploitable remotely and, per connected source...
CVE-2025-13270
The CVE-2025-13270 entry concerns Campcodes School Fees Payment Management System 1.0. A SQL injection flaw exists in the /ajax.php?action=save_course endpoint via manipulation of the ID parameter, reportedly exploitable remotely and with a public exploit available. Multiple connected sources cor...
CVE-2025-13271
Campcodes School Fees Payment Management System 1.0 is affected by a SQL injection in /ajax.php?action=login, caused by unsafely handling the Username parameter. Multiple connected sources (CNVD-2026-05370, RH:CVE-2025-13271, CNNVD-202511-1928, CVE-2025-13271 listings, and PT-2025-47133) confirm ...
CVE-2025-13057
Campcodes School Fees Payment Management System 1.0 is affected by a SQL injection in the /ajax.php?action=save_student handler, triggered by manipulating the ID parameter. The vulnerability is treatable as remote and exploitable without authentication in affected deployments; multiple sources re...
CVE-2025-13273
Campcodes School Fees Payment Management System 1.0 is affected by CVE-2025-13273 due to a SQL injection in the /ajax.php?action=delete_payment endpoint caused by unsafely manipulated ID parameters. Remote exploitation is possible, and an exploit has been publicly released. The issue is corrobora...
CVE-2025-13269
The CVE-2025-13269 entry affects Campcodes School Fees Payment Management System 1.0. A SQL injection vulnerability exists in the /ajax.php?action=save_payment handler, triggered by manipulating the ID parameter. Reports across CNVD, Red Hat advisory, CNNVD, CIRCL, and others confirm a remote-att...