Campcodes Online Flight Booking Management System save_airlines.php sql injection

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8960

Source VulDB

Published Aug 14, 2025 at 11:32

Affected Product

Vendor Campcodes

Product Online Flight Booking Management System

Version 1.0

Affected Versions Campcodes Online Flight Booking Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-14T11:32:10.043Z",
    "modified": "2025-08-14T11:32:10.043Z",
    "type": "cve",
    "title": "Campcodes Online Flight Booking Management System save_airlines.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319952\nhttps://vuldb.com/?ctiid.319952\nhttps://vuldb.com/?submit.627900\nhttps://www.yuque.com/yuqueyonghuvrsrwv/dhlxlu/ykgg3tumuaefd0ft?singleDoc\nhttps://www.yuque.com/yuqueyonghuvrsrwv/dhlxlu/ykgg3tumuaefd0ft#vulnerability-details-and-poc\nhttps://www.campcodes.com/",
    "id": "CVE-2025-8960",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Campcodes Online Flight Booking Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Flight Booking Management System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Campcodes Online Flight Booking Management System save_airlines.php sql injection_CVE-2025-8960