{"id":7475,"date":"2025-07-01T11:13:35","date_gmt":"2025-07-01T11:13:35","guid":{"rendered":"http:\/\/localhost\/?p=7475"},"modified":"2025-07-01T11:13:35","modified_gmt":"2025-07-01T11:13:35","slug":"campcodes-employee-management-system-editphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7475","title":{"rendered":"Campcodes Employee Management System edit.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nCampcodes Employee Management System edit.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-01T14:32:07.870Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-01T14:54:16.563Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nCampcodes<\/td>\n<\/tr>\n
Product<\/th>\nEmployee Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical SQL injection vulnerability in Campcodes Employee Management System 1.0 allows remote attackers to inject arbitrary SQL commands via the ID argument in edit.php. This could lead to unauthorized database access and data manipulation. The exploit is publicly available, increasing the risk of exploitation.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nCampcodes<\/td>\n<\/tr>\n
AI Product<\/th>\nEmployee Management System<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n