CVE-2025-10108 | Campcodes Online Loan Management System 1.0 ajax.php?action=delete_loan ID sql injection

Inserito da Angelo Barbosa | Set 8, 2025 | CVE

A vulnerability identified as critical has been detected in Campcodes Online Loan Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_loan. Performing manipulation of the argument ID results in sql injection.

This vulnerability was named CVE-2025-10108. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2025-10108 | Campcodes Online Loan Management System 1.0 ajax.php?action=delete_loan ID sql injection

Post correlati

CVE-2024-22122 | Zabbix Server up to 5.0.42/6.0.30/6.4.15/7.0.0rc2 SMS Notification Number command injection

CVE-2025-45984 | Blink BL-X26_DA3 sub_45B238 routepwd command injection

CVE-2023-4931 | Plesk Installer 3.27.0.0 edputil.dll uncontrolled search path

CVE-2023-48825 | Availability Booking Calendar 5.0 SMS API Key/Default Country Code cross site scripting (ID 176033)