PT-2025-35795 · Unknown · Campcodes Online Recruitment Management System

Chenjunjie

Publicado

2025-09-03

Atualizado

2025-09-09

CVE-2025-9920

CVSS v3.1

7.2

Alta

Vetor

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Campcodes Recruitment Management System version 1.0

Description A security flaw has been discovered that allows for remote file inclusion. The flaw impacts the include function of the file /admin/index.php. Manipulation of the page argument results in the vulnerability. The exploit has been released to the public.

Recommendations As a temporary workaround, restrict access to the /admin/index.php file.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-73

Identificadores relacionados

CVE-2025-9920

Produtos afetados

Campcodes Online Recruitment Management System

PT-2025-35795 · Unknown · Campcodes Online Recruitment Management System

CVE-2025-9920

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10