CVE-2025-4746 | Campcodes Sales and Inventory System 1.0 purchase_delete.php pr_id sql injection

Inserito da Angelo Barbosa | Mag 15, 2025 | CVE

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/purchase_delete.php. The manipulation of the argument pr_id leads to sql injection.

This vulnerability was named CVE-2025-4746. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4746 | Campcodes Sales and Inventory System 1.0 purchase_delete.php pr_id sql injection

Post correlati

CVE-2024-8130 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/s3.cgi cgi_s3 f_a_key command injection (SAP10383)

CVE-2024-27380 | Samsung Exynos 1330 slsi_set_delayed_wakeup_type heap-based overflow

CVE-2024-50610 | GNU Scientific Library up to 2.8 siman/siman.c gsl_siman_solve_many allocation of resources

VDB-283888 | CrushFTP up to 10.8.2/11.2.2 Reset Email password recovery