PT-2025-37486 · Campcodes · Campcodes Online Job Finder System
Hcrzzz
·
Published
2025-09-15
·
Updated
2025-09-15
·
CVE-2025-10447
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Campcodes Online Job Finder System version 1.0
Description
A vulnerability exists in Campcodes Online Job Finder System 1.0. The issue is related to unrestricted file upload, stemming from the manipulation of the
picture argument within an unknown function of the /eris/applicationform.php file. This allows for remote exploitation. The exploit is publicly available.Recommendations
As a temporary workaround, consider restricting file upload capabilities within the
/eris/applicationform.php file until a fix is available.Exploit
Fix
Improper Access Control
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Campcodes Online Job Finder System