CVE-2025-7537

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0

Description: A critical issue exists in Campcodes Sales and Inventory System. The vulnerability is located in the file /pages/product update.php and allows for SQL injection through manipulation of the ID argument. This issue can be exploited remotely. The exploit has been publicly disclosed.

Recommendations: Apply a fix to address the SQL injection vulnerability in the /pages/product update.php file. Sanitize the ID argument to prevent malicious code injection.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2025-7537

Affected Products

Campcodes Sales/Inventory System

CVE-2025-7537

Weakness Enumeration

Related Identifiers

Affected Products

References · 10