A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/account_summary.php. The manipulation of the argument cid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/lanxia0/CVE/issues/6 | Exploit Issue Tracking Third Party Advisory |
https://vuldb.com/?ctiid.309010 | Permissions Required VDB Entry |
https://vuldb.com/?id.309010 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.568292 | Third Party Advisory VDB Entry |
https://www.campcodes.com/ | Product |
https://github.com/lanxia0/CVE/issues/6 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
27 May 2025, 14:10
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-15 19:15
Updated : 2025-05-27 14:10
NVD link : CVE-2025-4712
Mitre link : CVE-2025-4712
CVE.ORG link : CVE-2025-4712
JSON object : View
Products Affected
campcodes
- sales_and_inventory_system