Campcodes · Campcodes Supplier Management System · CVE-2025-13291
**Name of the Vulnerable Software and Affected Versions**
Campcodes Supplier Management System version 1.0
**Description**
A flaw exists in Campcodes Supplier Management System that allows for SQL injection. This issue affects the /manufacturer/confirm order.php file. Manipulation of the `ID` argument can trigger the flaw, enabling remote attacks. The exploit has been publicly released.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.