HYLCXH/CVE

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-12336 ↗	Oct 28, 2025Tuesday, 28 October 2025, 01:16	7.3 HIGH	7.5 HIGH
A vulnerability was identified in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_index.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
CVE-2025-12337 ↗	Oct 28, 2025Tuesday, 28 October 2025, 01:16	7.3 HIGH	7.5 HIGH
A security flaw has been discovered in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file /admin/admin_feature.php. Performing a manipulation of the argument pid results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
CVE-2025-12338 ↗	Oct 28, 2025Tuesday, 28 October 2025, 01:16	7.3 HIGH	7.5 HIGH
A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/admin_product.ph. Executing a manipulation of the argument pid can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2025-12339 ↗	Oct 28, 2025Tuesday, 28 October 2025, 01:16	7.3 HIGH	7.5 HIGH
A security vulnerability has been detected in Campcodes Retro Basketball Shoes Online Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipulation of the argument pid leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
CVE-2025-11664 ↗	Oct 13, 2025Monday, 13 October 2025, 07:15	4.7 MEDIUM	5.8 MEDIUM
A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. The impacted element is an unknown function of the file /admin/search-appointment.php. Such manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-11663 ↗	Oct 13, 2025Monday, 13 October 2025, 06:15	4.7 MEDIUM	5.8 MEDIUM
A weakness has been identified in Campcodes Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/manage-services.php. This manipulation of the argument sername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.