Liule960117

#7150of 53,633
38.2Total CVSS
Vulnerabilities · 4
High
1
Critical
3
PT-2025-44750
9.8
2025-11-03
Itsourcecode · Itsourcecode Billing System · CVE-2025-12617
**Name of the Vulnerable Software and Affected Versions** itsourcecode Billing System version 1.0 **Description** A flaw exists in itsourcecode Billing System 1.0. The issue affects an unknown function within the `/admin/app/login crud.php` file. Manipulation of the `Password` argument can lead to a SQL injection. The attack can be launched remotely. An exploit for this issue has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-39151
8.8
2025-09-23
Campcodes · Campcodes Society Membership Information System · CVE-2025-10848
**Name of the Vulnerable Software and Affected Versions** Campcodes Society Membership Information System version 1.0 **Description** A flaw exists in Campcodes Society Membership Information System that allows for remote SQL injection. The issue stems from improper handling of the `student id` argument within the `/check student.php` file. Exploitation of this issue is possible remotely and a public exploit is available. **Recommendations** Apply appropriate input validation and sanitization to the `student id` parameter in the `/check student.php` file.
PT-2025-39152
9.8
2025-09-23
Campcodes · Campcodes Farm Management System · CVE-2025-10851
**Name of the Vulnerable Software and Affected Versions** Campcodes Gym Management System version 1.0 **Description** A security flaw exists in Campcodes Gym Management System version 1.0. The issue involves a SQL injection that can be triggered by manipulating the `Username` argument in the `/ajax.php?action=login` file. This allows for remote exploitation. The exploit for this issue has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-39156
9.8
2025-09-23
Unknown · Campcodes Point Of Sale System Pos · CVE-2025-10857
**Name of the Vulnerable Software and Affected Versions** Campcodes Point of Sale System POS version 1.0 **Description** A security flaw exists in Campcodes Point of Sale System POS 1.0, related to unknown functionality within the /login.php file. Manipulation of the `Username` argument can lead to a SQL injection. This attack can be carried out remotely. The exploit for this issue has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.