CVE-2025-15214

CVSS v3.1

4.8

Medium

Vector

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Campcodes Park Ticketing System version 1.0

Description A security issue exists in Campcodes Park Ticketing System version 1.0. The save pricing function within the admin class.php file is susceptible to cross-site scripting (XSS) due to manipulation of the Name argument. This attack can be initiated remotely. The exploit has been publicly disclosed.

Recommendations Apply a fix to the save pricing function in the admin class.php file to prevent manipulation of the Name argument.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2025-15214

Affected Products

Campcodes Park Ticketing System

CVE-2025-15214

Weakness Enumeration

Related Identifiers

Affected Products

References · 13