Vulnerabilities in Campcodes

586 results
Vexday analysis

Com 573 CVEs catalogadas, o volume de vulnerabilidades associadas ao vendor Campcodes é expressivo, embora nenhuma delas figure atualmente no catálogo CISA KEV, situando a taxa de exploração ativa abaixo da média geral do catálogo. O tipo de falha mais recorrente é CWE-89 (injeção de SQL), o que indica padrões estruturais de desenvolvimento inseguro que tendem a facilitar comprometimento direto de bancos de dados. A CVE mais perigosa em observação no momento é CVE-2025-9744, com escore EPSS de 0,0166, uma das duas vulnerabilidades com PoC pública disponível — fator que, mesmo sem exploração ativa confirmada, eleva o risco de que isso mude em curto prazo. Equipes responsáveis por ambientes que utilizam produtos Campcodes devem priorizar a remediação de falhas de injeção e monitorar ativamente as duas entradas recentes dado o potencial de progressão.

CVE-2024-2678MEDIUMCampcodes Online Job Finder System controller.php sql injectionEPSS 0.5%CVE-2025-9694MEDIUMCampcodes Advanced Online Voting System login.php sql injectionEPSS 0.5%CVE-2024-3524LOWCampcodes Online Event Management System process.php cross site scriptingEPSS 0.5%CVE-2025-0213MEDIUMCampcodes Project Management System update_forms.php unrestricted uploadEPSS 0.5%CVE-2023-3885LOWCampcodes Beauty Salon Management System edit_category.php cross site scriptingEPSS 0.5%CVE-2025-9529MEDIUMCampcodes Payroll Management System index.php include file inclusionEPSS 0.5%CVE-2025-7535MEDIUMCampcodes Sales and Inventory System reprint_cash.php sql injectionEPSS 0.5%CVE-2025-7536MEDIUMCampcodes Sales and Inventory System receipt_credit.php sql injectionEPSS 0.5%CVE-2024-5106MEDIUMCampcodes Complete Web-Based School Management System student_payment_details3.php sql injectionEPSS 0.5%CVE-2024-5115MEDIUMCampcodes Complete Web-Based School Management System teacher_profile.php sql injectionEPSS 0.5%CVE-2024-5112MEDIUMCampcodes Complete Web-Based School Management System student_profile.php sql injectionEPSS 0.5%CVE-2024-5113MEDIUMCampcodes Complete Web-Based School Management System student_profile1.php sql injectionEPSS 0.5%CVE-2025-8229MEDIUMCampcodes Courier Management System parcel_list.php sql injectionEPSS 0.5%CVE-2024-7218MEDIUMSourceCodester/Campcodes School Log Management System ajax.php cross site scriptingEPSS 0.5%CVE-2025-10448MEDIUMCampcodes Online Job Finder System index.php sql injectionEPSS 0.5%CVE-2024-4651LOWCampcodes Complete Web-Based School Management System student_attendance_history1.php cross site scriptingEPSS 0.5%CVE-2025-0625LOWCampCodes School Management Software Attachment resource injectionEPSS 0.5%CVE-2025-4226MEDIUMPHPGurukul/Campcodes Cyber Cafe Management System add-computer.php sql injectionEPSS 0.5%CVE-2025-11422MEDIUMCampcodes Advanced Online Voting Management System login.php sql injectionEPSS 0.5%CVE-2024-8344MEDIUMCampcodes Supplier Management System edit_area.php sql injectionEPSS 0.5%