A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/credit_transaction_add.php. The manipulation of the argument prod_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/lanxia0/CVE/issues/10 | Exploit Issue Tracking Third Party Advisory |
https://vuldb.com/?ctiid.309014 | Permissions Required VDB Entry |
https://vuldb.com/?id.309014 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.568296 | Third Party Advisory VDB Entry |
https://www.campcodes.com/ | Product |
https://github.com/lanxia0/CVE/issues/10 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
27 May 2025, 14:11
Type | Values Removed | Values Added |
---|---|---|
First Time |
Campcodes sales And Inventory System
Campcodes |
|
CPE | cpe:2.3:a:campcodes:sales_and_inventory_system:1.0:*:*:*:*:*:*:* | |
References | () https://github.com/lanxia0/CVE/issues/10 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.309014 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.309014 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.568296 - Third Party Advisory, VDB Entry | |
References | () https://www.campcodes.com/ - Product |
19 May 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/lanxia0/CVE/issues/10 - |
16 May 2025, 14:42
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
15 May 2025, 20:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-15 20:16
Updated : 2025-05-27 14:11
NVD link : CVE-2025-4716
Mitre link : CVE-2025-4716
CVE.ORG link : CVE-2025-4716
JSON object : View
Products Affected
campcodes
- sales_and_inventory_system