A vulnerability, which was classified as critical, has been found in Campcodes Online Food Ordering System 1.0. This issue affects some unknown processing of the file /routers/ticket-message.php. The manipulation of the argument ticket_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/wyl091256/CVE/issues/12 | Exploit Issue Tracking Third Party Advisory |
https://vuldb.com/?ctiid.308207 | Permissions Required VDB Entry |
https://vuldb.com/?id.308207 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.566787 | Third Party Advisory VDB Entry |
https://www.campcodes.com/ | Product |
Configurations
History
13 May 2025, 18:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/wyl091256/CVE/issues/12 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.308207 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.308207 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.566787 - Third Party Advisory, VDB Entry | |
References | () https://www.campcodes.com/ - Product | |
First Time |
Campcodes
Campcodes online Food Ordering System |
|
CPE | cpe:2.3:a:campcodes:online_food_ordering_system:1.0:*:*:*:*:*:*:* |
12 May 2025, 17:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 May 2025, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-09 22:15
Updated : 2025-05-13 18:57
NVD link : CVE-2025-4492
Mitre link : CVE-2025-4492
CVE.ORG link : CVE-2025-4492
JSON object : View
Products Affected
campcodes
- online_food_ordering_system