19 matches found
CVE-2024-22625
CVE-2024-22625 affects the Complete Supplier Management System v1.0. A SQL Injection vulnerability exists in the parameter of /Supply_Management_System/admin/edit_category.php?id=, caused by improper input handling. The CVSS metrics indicate high impact across confidentiality, integrity, and avai...
CVE-2024-22626
CVE-2024-22626 affects the Complete Supplier Management System v1.0. The vulnerability is a SQL Injection in the endpoint /Supply_Management_System/admin/edit_retailer.php?id=, allowing potentially arbitrary SQL execution. Reported impact and details indicate a high-severity issue (CVSS 7.2, HIGH...
CVE-2024-8344
CVE-2024-8344 affects Campcodes Supplier Management System 1.0. The vulnerability is in /admin/edit_area.php where the id parameter can be manipulated to trigger SQL injection. It is exploitable remotely and exploitation has been disclosed publicly. Impact details in sources are limited; multiple...
CVE-2024-41550
CVE-2024-41550 affects CampCodes Supplier Management System v1.0. The issue is a SQL injection in Supply_Management_System/admin/view_invoice_items.php?id= (inputs not shown in URL). Root cause: improper handling of user-supplied input leading to database query manipulation; multiple sources (NVD...
CVE-2024-41551
The CVE describes a SQL injection vulnerability in CampCodes Supplier Management System v1.0, exploitable through the endpoint Supply_Management_System/admin/view_order_items.php?id=, affecting the application’s handling of the id parameter. Documented impact aligns with high severity CVSS signal...
CVE-2024-22627
CVE-2024-22627 affects Complete Supplier Management System v1.0 with a SQL Injection flaw in the endpoint /Supply_Management_System/admin/edit_distributor.php?id=. The CVSS data shows high impact to confidentiality, integrity, and availability (C/I/A: HIGH) with network attack vector and no user ...
CVE-2025-14514
Campcodes Supplier Management System 1.0 contains a SQL injection flaw in the /admin/add_distributor.php handler. The vulnerability is triggered by manipulating txtDistributorAddress, enabling remote exploitation. The attack can be initiated remotely and an exploit has been published, per multipl...
CVE-2025-14515
CVE-2025-14515 affects Campcodes Supplier Management System 1.0. Affected component: /admin/add_unit.php; the vulnerability arises from manipulating the argument txtunitDetails, leading to a SQL injection. The issue is exploitable remotely and an exploit has been publicly disclosed. No remediatio...
CVE-2026-0597
CVE-2026-0597 affects Campcodes Supplier Management System v1.0. The vulnerability is in the file /retailer/edit_profile.php where manipulation of the txtRetailerAddress parameter causes an SQL injection. Remote exploitation is possible and the exploit has been published. Public sources assign hi...
CVE-2025-14664
CVE-2025-14664 affects Campcodes Supplier Management System 1.0. The issue arises from the processing of the file /admin/view_unit.php where manipulation of the chkId[] parameter leads to an SQL injection. Remote exploitation is possible, and an exploit is publicly available. The Red Hat/EU ENISA...
CVE-2025-15207
CVE-2025-15207 affects Campcodes Supplier Management System 1.0, specifically the file /admin/view_products.php where manipulating the parameter chkId[] enables a SQL injection. Multiple connected documents corroborate remote exploitation and public disclosure of the exploit. Root cause is unsafe...
CVE-2025-13260
The vulnerability CVE-2025-13260 affects Campcodes Supplier Management System 1.0. It arises from improper handling of the cmbProductUnit parameter in the file /manufacturer/edit_product.php, enabling SQL injection. The issue is exploitable remotely and has been publicly disclosed. Connected sour...
CVE-2025-13554
CVE-2025-13554 affects Campcodes Supplier Management System 1.0, specifically the Login component in the file /index.php . The vulnerability arises from manipulating the parameter txtUsername , leading to SQL injection . The attack can be launched remotely, and the exploit has been publicly discl...
CVE-2025-14952
CVE-2025-14952 affects Campcodes Supplier Management System 1.0. The vulnerability lies in /admin/add_category.php where manipulating the txtCategoryName parameter leads to SQL injection. It is a remote issue and, according to multiple sources, the exploit is publicly available. The Red Hat and E...
CVE-2025-13259
Campcodes Supplier Management System 1.0 is affected by a SQL injection in /manufacturer/edit_unit.php caused by manipulated ID parameter. The issue allows remote attacker access with high impact on confidentiality, integrity, and availability per CVE details; exploitation is reported/possible in...
CVE-2025-13424
CVE-2025-13424 affects CampCodes Supplier Management System 1.0. The vulnerability is an SQL injection in the /admin/add_product.php endpoint, caused by unsafely handling the txtProductName parameter. Remote exploitation is possible and exploits have been disclosed publicly. The available documen...
CVE-2025-15206
The CVE-2025-15206 entry affects Campcodes Supplier Management System 1.0, with a vulnerability in the /admin/add_area.php script. Exploitation arises from manipulating the txtAreaCode parameter, enabling SQL injection from remote attackers. The issue is confirmed across multiple sources (NVD, Re...
CVE-2025-13291
CVE-2025-13291 affects Campcodes Supplier Management System 1.0. The SQL injection vulnerability resides in the /manufacturer/confirm_order.php file, triggered by manipulating the ID parameter. It is remotely exploitable and the exploit has been made public. Impact is described with high confiden...
CVE-2025-14877
The CVE-2025-14877 affects Campcodes Supplier Management System 1.0. A SQL injection vulnerability exists in the /admin/add_retailer.php endpoint, caused by unsafely handling the cmbAreaCode parameter. Attack can be carried out remotely, and a public exploit is available. Remediation/mitigation: ...