CVE-2025-13555

The CVE-2025-13555 affects Campcodes School File Management System 1.0, specifically the Login component’s /index.php where manipulating the stud_no parameter enables SQL injection. The root cause is an injectable query in the affected file that can be exploited remotely; public exploits exist. M...

CVE-2025-15404

CVE-2025-15404 affects CampCodes School File Management System 1.0. A vulnerability in an unknown function within /save_file.php allows manipulation of the File argument that leads to unrestricted upload. The issue appears to be exploitable remotely, and multiple sources indicate the exploit has ...

CVE-2025-12873

CVE-2025-12873 affects Campcodes School File Management 1.0. The vulnerability is in the /admin/update_user.php endpoint and stems from improper handling of the parameter user_id , enabling remote SQL injection. Multiple sources confirm the exploit is public and that attacker-controlled input can...

CVE-2025-14209

CVE-2025-14209 affects Campcodes School File Management System 1.0. A vulnerability in the file /update_query.php allows SQL injection through the parameter (stud_id/student_id depending on source). The issue enables remote exploitation and has publicly available exploits. Impact is described as ...