CVE-2025-0625

CVSS v4.0

2.3

Low

Vector

AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

The CampCodes School Management Software version 1.0 has a security issue in its Attachment Handler component, allowing for improper control of resource identifiers. This can be exploited remotely with a relatively high complexity of attack and is considered difficult to exploit. An exploit has been publicly disclosed and can be used. The vulnerable version is 1.0. More information about the exploit can be found at https://t.co/nzgfDXsBQu or https://t.co/pj1cwN7VVX. #CampCodes #SchoolManagementSoftware #AttachmentHandler #RemoteExploit #ImproperControl #ResourceIdentifiers #ExploitDisclosed #SchoolSoftwareSecurity

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-99

Related Identifiers

CVE-2025-0625

Affected Products

Campcodes School Management

CVE-2025-0625

Weakness Enumeration

Related Identifiers

Affected Products

References · 13