Campcodes · Campcodes Advanced Online Examination System · CVE-2025-14668
**Name of the Vulnerable Software and Affected Versions**
campcodes Advanced Online Examination System version 1.0
**Description**
A flaw exists in campcodes Advanced Online Examination System version 1.0 that allows for remote SQL injection. The issue is located in the file `/query/loginExe.php` and involves manipulation of the `Username` argument. The exploit is publicly available.
**Recommendations**
Apply input validation and sanitization to the `Username` argument in the `/query/loginExe.php` file.