CVE-2025-6311

Name of the Vulnerable Software and Affected Versions Campcodes Sales and Inventory System version 1.0

Description A critical issue was found in the system, affecting an unknown part of the file /pages/account add.php. The manipulation of the id/amount argument leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For Campcodes Sales and Inventory System version 1.0, consider restricting access to the /pages/account add.php file until a patch is available. As a temporary workaround, avoid using the id/amount argument in the affected file to minimize the risk of exploitation.