Lucene search
K
CampcodesSupplier Management System

19 matches found

CVE
CVE
added 2024/01/16 12:0 a.m.218 views

CVE-2024-22625

CVE-2024-22625 affects the Complete Supplier Management System v1.0. A SQL Injection vulnerability exists in the parameter of /Supply_Management_System/admin/edit_category.php?id=, caused by improper input handling. The CVSS metrics indicate high impact across confidentiality, integrity, and avai...

7.2CVSS7.4AI score0.00745EPSS
CVE
CVE
added 2024/01/16 12:0 a.m.216 views

CVE-2024-22626

CVE-2024-22626 affects the Complete Supplier Management System v1.0. The vulnerability is a SQL Injection in the endpoint /Supply_Management_System/admin/edit_retailer.php?id=, allowing potentially arbitrary SQL execution. Reported impact and details indicate a high-severity issue (CVSS 7.2, HIGH...

7.2CVSS7.4AI score0.00707EPSS
CVE
CVE
added 2024/08/30 4:31 p.m.52 views

CVE-2024-8344

CVE-2024-8344 affects Campcodes Supplier Management System 1.0. The vulnerability is in /admin/edit_area.php where the id parameter can be manipulated to trigger SQL injection. It is exploitable remotely and exploitation has been disclosed publicly. Impact details in sources are limited; multiple...

8.8CVSS7.1AI score0.00465EPSS
CVE
CVE
added 2024/07/24 12:0 a.m.48 views

CVE-2024-41550

CVE-2024-41550 affects CampCodes Supplier Management System v1.0. The issue is a SQL injection in Supply_Management_System/admin/view_invoice_items.php?id= (inputs not shown in URL). Root cause: improper handling of user-supplied input leading to database query manipulation; multiple sources (NVD...

7.2CVSS8AI score0.00488EPSS
CVE
CVE
added 2024/07/24 12:0 a.m.48 views

CVE-2024-41551

The CVE describes a SQL injection vulnerability in CampCodes Supplier Management System v1.0, exploitable through the endpoint Supply_Management_System/admin/view_order_items.php?id=, affecting the application’s handling of the id parameter. Documented impact aligns with high severity CVSS signal...

9.8CVSS8AI score0.00405EPSS
CVE
CVE
added 2024/01/16 12:0 a.m.33 views

CVE-2024-22627

CVE-2024-22627 affects Complete Supplier Management System v1.0 with a SQL Injection flaw in the endpoint /Supply_Management_System/admin/edit_distributor.php?id=. The CVSS data shows high impact to confidentiality, integrity, and availability (C/I/A: HIGH) with network attack vector and no user ...

7.2CVSS7.4AI score0.00707EPSS
CVE
CVE
added 2025/12/11 11:32 a.m.22 views

CVE-2025-14514

Campcodes Supplier Management System 1.0 contains a SQL injection flaw in the /admin/add_distributor.php handler. The vulnerability is triggered by manipulating txtDistributorAddress, enabling remote exploitation. The attack can be initiated remotely and an exploit has been published, per multipl...

9.8CVSS7.2AI score0.0035EPSS
CVE
CVE
added 2025/12/11 12:2 p.m.21 views

CVE-2025-14515

CVE-2025-14515 affects Campcodes Supplier Management System 1.0. Affected component: /admin/add_unit.php; the vulnerability arises from manipulating the argument txtunitDetails, leading to a SQL injection. The issue is exploitable remotely and an exploit has been publicly disclosed. No remediatio...

9.8CVSS7.3AI score0.00326EPSS
CVE
CVE
added 2026/01/05 2:32 p.m.19 views

CVE-2026-0597

CVE-2026-0597 affects Campcodes Supplier Management System v1.0. The vulnerability is in the file /retailer/edit_profile.php where manipulation of the txtRetailerAddress parameter causes an SQL injection. Remote exploitation is possible and the exploit has been published. Public sources assign hi...

9.8CVSS6.3AI score0.00277EPSS
CVE
CVE
added 2025/12/14 2:32 p.m.18 views

CVE-2025-14664

CVE-2025-14664 affects Campcodes Supplier Management System 1.0. The issue arises from the processing of the file /admin/view_unit.php where manipulation of the chkId[] parameter leads to an SQL injection. Remote exploitation is possible, and an exploit is publicly available. The Red Hat/EU ENISA...

9.8CVSS7.2AI score0.00333EPSS
CVE
CVE
added 2025/12/29 10:2 p.m.17 views

CVE-2025-15207

CVE-2025-15207 affects Campcodes Supplier Management System 1.0, specifically the file /admin/view_products.php where manipulating the parameter chkId[] enables a SQL injection. Multiple connected documents corroborate remote exploitation and public disclosure of the exploit. Root cause is unsafe...

9.8CVSS7.3AI score0.00434EPSS
Web
CVE
CVE
added 2025/11/17 3:2 a.m.16 views

CVE-2025-13260

The vulnerability CVE-2025-13260 affects Campcodes Supplier Management System 1.0. It arises from improper handling of the cmbProductUnit parameter in the file /manufacturer/edit_product.php, enabling SQL injection. The issue is exploitable remotely and has been publicly disclosed. Connected sour...

8.8CVSS6.5AI score0.00277EPSS
CVE
CVE
added 2025/11/23 3:2 p.m.16 views

CVE-2025-13554

CVE-2025-13554 affects Campcodes Supplier Management System 1.0, specifically the Login component in the file /index.php . The vulnerability arises from manipulating the parameter txtUsername , leading to SQL injection . The attack can be launched remotely, and the exploit has been publicly discl...

9.8CVSS7.3AI score0.00339EPSS
CVE
CVE
added 2025/12/19 2:32 p.m.16 views

CVE-2025-14952

CVE-2025-14952 affects Campcodes Supplier Management System 1.0. The vulnerability lies in /admin/add_category.php where manipulating the txtCategoryName parameter leads to SQL injection. It is a remote issue and, according to multiple sources, the exploit is publicly available. The Red Hat and E...

9.8CVSS7.2AI score0.00371EPSS
CVE
CVE
added 2025/11/17 2:32 a.m.14 views

CVE-2025-13259

Campcodes Supplier Management System 1.0 is affected by a SQL injection in /manufacturer/edit_unit.php caused by manipulated ID parameter. The issue allows remote attacker access with high impact on confidentiality, integrity, and availability per CVE details; exploitation is reported/possible in...

8.8CVSS6.4AI score0.00277EPSS
CVE
CVE
added 2025/11/20 12:2 a.m.14 views

CVE-2025-13424

CVE-2025-13424 affects CampCodes Supplier Management System 1.0. The vulnerability is an SQL injection in the /admin/add_product.php endpoint, caused by unsafely handling the txtProductName parameter. Remote exploitation is possible and exploits have been disclosed publicly. The available documen...

9.8CVSS6.6AI score0.00333EPSS
CVE
CVE
added 2025/12/29 9:32 p.m.14 views

CVE-2025-15206

The CVE-2025-15206 entry affects Campcodes Supplier Management System 1.0, with a vulnerability in the /admin/add_area.php script. Exploitation arises from manipulating the txtAreaCode parameter, enabling SQL injection from remote attackers. The issue is confirmed across multiple sources (NVD, Re...

9.8CVSS7.1AI score0.00434EPSS
Web
CVE
CVE
added 2025/11/17 5:2 p.m.11 views

CVE-2025-13291

CVE-2025-13291 affects Campcodes Supplier Management System 1.0. The SQL injection vulnerability resides in the /manufacturer/confirm_order.php file, triggered by manipulating the ID parameter. It is remotely exploitable and the exploit has been made public. Impact is described with high confiden...

9.8CVSS7.2AI score0.00346EPSS
CVE
CVE
added 2025/12/18 4:2 p.m.10 views

CVE-2025-14877

The CVE-2025-14877 affects Campcodes Supplier Management System 1.0. A SQL injection vulnerability exists in the /admin/add_retailer.php endpoint, caused by unsafely handling the cmbAreaCode parameter. Attack can be carried out remotely, and a public exploit is available. Remediation/mitigation: ...

9.8CVSS6.8AI score0.00326EPSS