PT-2025-44073 · Campcodes · Campcodes Retro Basketball Shoes Online Store
Hanyu Luo
·
Published
2025-10-28
·
Updated
2025-11-03
·
CVE-2025-12338
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Campcodes Retro Basketball Shoes Online Store version 1.0
Description
A weakness exists in Campcodes Retro Basketball Shoes Online Store 1.0. The issue affects unknown code within the
/admin/admin product.ph file. Manipulation of the pid argument can lead to SQL injection. The attack can be launched remotely. The exploit has been made publicly available.Recommendations
For Campcodes Retro Basketball Shoes Online Store version 1.0, address the SQL injection issue by sanitizing or validating the
pid argument before using it in database queries. As a temporary workaround, restrict access to the /admin/admin product.ph file.Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Campcodes Retro Basketball Shoes Online Store