CVE-2025-7121

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Campcodes Complaint Management System version 1.0

Description: A critical issue has been found in the system, affecting an unknown part of the /users/complaint-details.php file. The manipulation of the cid argument leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations: For Campcodes Complaint Management System version 1.0, consider disabling the cid argument in the /users/complaint-details.php file until a patch is available to prevent SQL injection attacks. Restrict access to the complaint-details.php file to minimize the risk of exploitation. Avoid using the cid argument in the affected file until the issue is resolved.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2025-7121

Affected Products

Campcodes Complaint Management System

CVE-2025-7121

Weakness Enumeration

Related Identifiers

Affected Products

References · 10