Campcodes · Campcodes School Log Management System · CVE-2025-14209
**Name of the Vulnerable Software and Affected Versions**
Campcodes School File Management System version 1.0
**Description**
A flaw exists in Campcodes School File Management System that allows for SQL injection. The issue is related to the manipulation of the `stud id` argument within the /update query.php file and an unknown function. This can be exploited remotely. The exploit is publicly available.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.