CVE-2025-7220 | Campcodes Payroll Management System 1.0 ajax.php?action=save_deductions ID sql injection

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability was found in Campcodes Payroll Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_deductions. The manipulation of the argument ID leads to sql injection.

This vulnerability is known as CVE-2025-7220. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-7220 | Campcodes Payroll Management System 1.0 ajax.php?action=save_deductions ID sql injection

Post correlati

CVE-2024-35706 | Team Heateor Heateor Social Login Plugin up to 1.1.32 on WordPress cross site scripting

CVE-2025-46719 | open-webui OpenWebUI up to 0.6.5 cross site scripting (GHSA-9f4f-jv96-8766)

CVE-2024-6526 | CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03 search_title/catName/sub/name/categorie cross site scripting

CVE-2021-22529 | OpenText NetIQ Advance Authentication up to 6.3.5.0 information disclosure