CVE-2025-4815 | Campcodes Sales and Inventory System 1.0 supplier_update.php Name sql injection

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/supplier_update.php. The manipulation of the argument Name leads to sql injection.

This vulnerability is handled as CVE-2025-4815. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4815 | Campcodes Sales and Inventory System 1.0 supplier_update.php Name sql injection

Post correlati

CVE-2024-8485 | REST API TO MiniProgram Plugin up to 4.7.1 on WordPress Email Update Remote Code Execution

CVE-2025-1060 | Schneider Electric ASCO 5310 Single-Channel Remote Annunciator cleartext transmission (SEVD-2025-042-01)

CVE-2025-4561 | Kinfor KFOX up to 2.6 unrestricted upload

CVE-2024-43027 | Draytek Vigor 3900/Vigor 2960/Vigor 300B prior 1.5.1.5_Beta cgi-bin/mainfunction.cgi action command injection