Campcodes Sales and Inventory System index.php cross site scripting

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /index.php. Executing manipulation of the argument page can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.

Basic Information

ID CVE-2025-9923

Source VulDB

Published Sep 3, 2025 at 18:32

Modified Sep 3, 2025 at 19:51

Affected Product

Vendor Campcodes

Product Sales and Inventory System

Version 1.0

Affected Versions Campcodes Sales and Inventory System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A flaw has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /index.php. Executing manipulation of the argument page can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.",
    "published": "2025-09-03T18:32:06.595Z",
    "modified": "2025-09-03T19:51:50.539Z",
    "type": "cve",
    "title": "Campcodes Sales and Inventory System index.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.322325\nhttps://vuldb.com/?ctiid.322325\nhttps://vuldb.com/?submit.642503\nhttps://vuldb.com/?submit.642504\nhttps://vuldb.com/?submit.642523\nhttps://vuldb.com/?submit.642524\nhttps://github.com/zzb1388/cve/issues/67\nhttps://www.campcodes.com/",
    "id": "CVE-2025-9923",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Campcodes Sales and Inventory System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Sales and Inventory System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Campcodes Sales and Inventory System index.php cross site scripting_CVE-2025-9923