Vulnerabilities in Campcodes

586 results
Vexday analysis

Com 573 CVEs catalogadas, o volume de vulnerabilidades associadas ao vendor Campcodes é expressivo, embora nenhuma delas figure atualmente no catálogo CISA KEV, situando a taxa de exploração ativa abaixo da média geral do catálogo. O tipo de falha mais recorrente é CWE-89 (injeção de SQL), o que indica padrões estruturais de desenvolvimento inseguro que tendem a facilitar comprometimento direto de bancos de dados. A CVE mais perigosa em observação no momento é CVE-2025-9744, com escore EPSS de 0,0166, uma das duas vulnerabilidades com PoC pública disponível — fator que, mesmo sem exploração ativa confirmada, eleva o risco de que isso mude em curto prazo. Equipes responsáveis por ambientes que utilizam produtos Campcodes devem priorizar a remediação de falhas de injeção e monitorar ativamente as duas entradas recentes dado o potencial de progressão.

CVE-2025-15206MEDIUMCampcodes Supplier Management System add_area.php sql injectionEPSS 0.4%CVE-2025-15207MEDIUMCampcodes Supplier Management System view_products.php sql injectionEPSS 0.4%CVE-2025-7547MEDIUMCampcodes Online Movie Theater Seat Reservation System admin_class.php save_movie unrestricted uploadEPSS 0.4%CVE-2025-0849MEDIUMCampCodes School Management Software Staff edit-staff improper authorizationEPSS 0.4%CVE-2025-7538MEDIUMCampcodes Sales and Inventory System product_update.php unrestricted uploadEPSS 0.4%CVE-2025-7470MEDIUMCampcodes Sales and Inventory System product_add.php unrestricted uploadEPSS 0.4%CVE-2024-4650LOWCampcodes Complete Web-Based School Management System student_due_payment.php cross site scriptingEPSS 0.4%CVE-2024-4649LOWCampcodes Complete Web-Based School Management System student_exam_mark_insert_form1.php cross site scriptingEPSS 0.4%CVE-2025-4548MEDIUMCampcodes Online Food Ordering System router.php sql injectionEPSS 0.4%CVE-2025-11664MEDIUMCampcodes Online Beauty Parlor Management System search-appointment.php sql injectionEPSS 0.4%CVE-2025-4503MEDIUMCampcodes Sales and Inventory System customer_update.php sql injectionEPSS 0.4%CVE-2025-14529MEDIUMCampcodes Retro Basketball Shoes Online Store admin_running.php sql injectionEPSS 0.4%CVE-2025-10447MEDIUMCampcodes Online Job Finder System applicationform.php unrestricted uploadEPSS 0.4%CVE-2024-4906MEDIUMCampcodes Complete Web-Based School Management System show_student1.php sql injectionEPSS 0.4%CVE-2025-9920MEDIUMCampcodes Recruitment Management System index.php include file inclusionEPSS 0.4%CVE-2025-4815MEDIUMCampcodes Sales and Inventory System supplier_update.php sql injectionEPSS 0.4%CVE-2025-5032MEDIUMCampcodes Online Shopping Portal edit-category.php sql injectionEPSS 0.4%CVE-2025-4814MEDIUMCampcodes Sales and Inventory System supplier_add.php sql injectionEPSS 0.4%CVE-2025-4707MEDIUMCampcodes Sales and Inventory System transaction_add.php sql injectionEPSS 0.4%CVE-2025-5081MEDIUMCampcodes Cybercafe Management System adminprofile.php sql injectionEPSS 0.4%