CVE-2025-7469

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0

Description: A critical issue exists in Campcodes Sales and Inventory System 1.0 related to the processing of the /pages/product add.php file. Manipulation of the prod name argument can lead to SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed.

Recommendations: As a temporary workaround, consider restricting access to the /pages/product add.php file until a fix is available. Sanitize the prod name argument to prevent SQL injection attacks.