Campcodes Advanced Voting Management System Password voters_edit.php improper authorization

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.

Basic Information

ID CVE-2025-14889

Source VulDB

Published Dec 18, 2025 at 20:02

Modified Dec 18, 2025 at 20:15

Affected Product

Vendor Campcodes

Product Advanced Voting Management System

Version 1.0

Affected Versions Campcodes Advanced Voting Management System 1.0

CWE Classification

CWE-285 CWE-266

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.",
    "published": "2025-12-18T20:02:07.993Z",
    "modified": "2025-12-18T20:15:44.091Z",
    "type": "cve",
    "title": "Campcodes Advanced Voting Management System Password voters_edit.php improper authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.337378\nhttps://vuldb.com/?ctiid.337378\nhttps://vuldb.com/?submit.715643\nhttps://gist.github.com/nikstudy576-maker/82e1e1ede9b848880aa09b87b92bc22c\nhttps://www.campcodes.com/",
    "id": "CVE-2025-14889",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "Campcodes Advanced Voting Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Advanced Voting Management System",
    "version": "1.0",
    "vendor": "Campcodes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Campcodes Advanced Voting Management System Password voters_edit.php improper authorization_CVE-2025-14889