Campcodes School Fees Payment Management System ajax.php sql injection

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_fees. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be exploited.

Basic Information

ID CVE-2025-13274

Source VulDB

Published Nov 17, 2025 at 10:02

Affected Product

Vendor Campcodes

Product School Fees Payment Management System

Version 1.0

Affected Versions Campcodes School Fees Payment Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_fees. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be exploited.",
    "published": "2025-11-17T10:02:06.285Z",
    "modified": "2025-11-17T10:02:06.285Z",
    "type": "cve",
    "title": "Campcodes School Fees Payment Management System ajax.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.332609\nhttps://vuldb.com/?ctiid.332609\nhttps://vuldb.com/?submit.690886\nhttps://github.com/ASantsSec/CVE/issues/21\nhttps://www.campcodes.com/",
    "id": "CVE-2025-13274",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Campcodes School Fees Payment Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "School Fees Payment Management System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Campcodes School Fees Payment Management System ajax.php sql injection_CVE-2025-13274