CVE-2025-9694

Name of the Vulnerable Software and Affected Versions Campcodes Advanced Online Voting System version 1.0

Description A SQL injection issue exists in an unknown functionality of the file /admin/login.php. Manipulation of the Username argument can lead to successful exploitation. The attack can be launched remotely, and the exploit has been publicly disclosed.

Recommendations As a temporary workaround, consider restricting access to the /admin/login.php file until a fix is available. Sanitize the Username input to prevent SQL injection attacks.