CVE-2025-10417

Name of the Vulnerable Software and Affected Versions Campcodes Grocery Sales and Inventory System version 1.0

Description A security flaw has been discovered that allows for SQL injection. The vulnerability exists in an unknown function within the /ajax.php?action=delete product file. Manipulation of the ID argument enables remote exploitation. The exploit for this issue has been publicly released.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.