CVE-2025-7470

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0

Description: A critical issue exists in Campcodes Sales and Inventory System 1.0, allowing for unrestricted file upload. The vulnerability is located in an unknown function within the /pages/product add.php file. Exploitation occurs through manipulation of the image argument, enabling remote attacks. The exploit details have been publicly disclosed.

Recommendations: Apply any available updates to address the unrestricted upload issue in the /pages/product add.php file. As a temporary workaround, restrict or disable file upload functionality to mitigate the risk of exploitation.