Filtered by vendor Campcodes
Subscribe
Total
299 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4503 | 1 Campcodes | 1 Sales And Inventory System | 2025-05-16 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/customer_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4489 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/user-router.php. The manipulation of the argument t1_verified leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4490 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /view-ticket-admin.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4491 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4492 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in Campcodes Online Food Ordering System 1.0. This issue affects some unknown processing of the file /routers/ticket-message.php. The manipulation of the argument ticket_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4506 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/menu-router.php. The manipulation of the argument 1_price leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4507 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/add-item.php. The manipulation of the argument price leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4548 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/router.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4549 | 1 Campcodes | 1 Online Food Ordering System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/register-router.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-2777 | 1 Campcodes | 1 Online Marriage Registration System | 2025-04-30 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in Campcodes/PHPGurukul Online Marriage Registration System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/application-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0625 | 1 Campcodes | 1 School Management Software | 2025-03-28 | 2.1 LOW | 3.1 LOW |
| A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1159 | 1 Campcodes | 1 School Management Software | 2025-03-28 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-28456 | 1 Campcodes | 1 Online Marriage Registration System | 2025-03-27 | N/A | 5.4 MEDIUM |
| Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote attacker to execute arbitrary code via the text fields in the marriage registration request form. | |||||
| CVE-2024-33403 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_events.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the event_id parameter. | |||||
| CVE-2024-33404 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 8.3 HIGH |
| A SQL injection vulnerability in /model/add_student_first_payment.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter. | |||||
| CVE-2024-33405 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 8.6 HIGH |
| SQL injection vulnerability in add_friends.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the friend_index parameter. | |||||
| CVE-2024-33406 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 7.3 HIGH |
| SQL injection vulnerability in /model/delete_student_grade_subject.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter. | |||||
| CVE-2024-33407 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 5.9 MEDIUM |
| SQL injection vulnerability in /model/delete_record.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33408 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_classroom.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33409 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the name parameter. | |||||