Campcodes Online Hotel Reservation System edit_room.php unrestricted upload_CVE-2025-8379

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability classified as critical has been found in Campcodes Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8379

Source VulDB

Published Jul 31, 2025 at 10:32

Modified Jul 31, 2025 at 13:15

Affected Product

Vendor Campcodes

Product Online Hotel Reservation System

Version 1.0

Affected Versions Campcodes Online Hotel Reservation System 1.0

CWE Classification

CWE-434 CWE-284

References

{
    "lastseen": "",
    "description": "A vulnerability classified as critical has been found in Campcodes Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-07-31T10:32:05.716Z",
    "modified": "2025-07-31T13:15:57.352Z",
    "type": "cve",
    "title": "Campcodes Online Hotel Reservation System edit_room.php unrestricted upload",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.318357\nhttps://vuldb.com/?ctiid.318357\nhttps://vuldb.com/?submit.624817\nhttps://github.com/XiaoJiesecqwq/sql/issues/2\nhttps://www.campcodes.com/",
    "id": "CVE-2025-8379",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Campcodes Online Hotel Reservation System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Hotel Reservation System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}