CVE-2025-9678 | Campcodes Online Loan Management System 1.0 ajax.php?action=delete_borrower ID sql injection

Inserito da Angelo Barbosa | Ago 29, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Campcodes Online Loan Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=delete_borrower. This manipulation of the argument ID causes sql injection.

The identification of this vulnerability is CVE-2025-9678. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-9678 | Campcodes Online Loan Management System 1.0 ajax.php?action=delete_borrower ID sql injection

Post correlati

CVE-2025-0486 | Fanli2012 native-php-cms 1.0 /fladmin/login.php username sql injection

CVE-2024-27885 | Apple macOS up to 12.6/13.5/14.4 symlink

CVE-2024-50206 | Linux Kernel up to 6.11.5 mtk_eth_soc memory corruption (68cd084e3ec1/88806efc034a)

CVE-2025-1160 | SourceCodester Employee Management System 1.0 index.php username/password default credentials