arpcyber070/CVE

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-13555 ↗	Nov 23, 2025Sunday, 23 November 2025, 16:15	7.3 HIGH	7.5 HIGH
A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument stud_no results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.
CVE-2025-13424 ↗	Nov 20, 2025Thursday, 20 November 2025, 00:15	4.7 MEDIUM	5.8 MEDIUM
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add_product.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
CVE-2025-13260 ↗	Nov 17, 2025Monday, 17 November 2025, 04:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUnit leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.