{"id":7477,"date":"2025-07-01T11:24:16","date_gmt":"2025-07-01T11:24:16","guid":{"rendered":"http:\/\/localhost\/?p=7477"},"modified":"2025-07-01T11:24:16","modified_gmt":"2025-07-01T11:24:16","slug":"campcodes-employee-management-system-aprocessphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7477","title":{"rendered":"Campcodes Employee Management System aprocess.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nCampcodes Employee Management System aprocess.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-01T14:02:08.490Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-01T14:37:11.378Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nCampcodes<\/td>\n<\/tr>\n
Product<\/th>\nEmployee Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA SQL injection vulnerability exists in Campcodes Employee Management System 1.0 due to improper input sanitization in the mailuid argument of aprocess.php. This allows remote attackers to inject malicious SQL code, potentially leading to data theft or system compromise. The vulnerability is considered critical and has a publicly disclosed exploit.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nCampcodes<\/td>\n<\/tr>\n
AI Product<\/th>\nEmployee Management System<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n