CVE-2025-7219 | Campcodes Payroll Management System 1.0 ajax.php?action=delete_allowances ID sql injection

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability was found in Campcodes Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_allowances. The manipulation of the argument ID leads to sql injection.

This vulnerability is traded as CVE-2025-7219. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-7219 | Campcodes Payroll Management System 1.0 ajax.php?action=delete_allowances ID sql injection

Post correlati

CVE-2024-41514 | CADClick up to 1.11.0 PrevPgGroup.aspx wer cross site scripting

CVE-2024-42009 | RoundCube up to 1.5.7/1.6.7 E-Mail Message show.php message_body cross site scripting

CVE-2024-13112 | WP MediaTagger Plugin up to 4.1.1 on WordPress cross site scripting

CVE-2025-7080 | Done-0 Jank up to 322caebbad10568460364b9667aa62c3080bfc17 JWT Token jwt_utils.go accessSecret/refreshSecret hard-coded password