ГлавнаяУязвимости → CVE-2025-9504
7.3высокая

CVE-2025-9504

Описание

A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

Затрагиваемое ПО
Campcodes Online loan management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/nobugpal/cve_Vulnerability_application/issues/2https://vuldb.com/?ctiid.321487https://vuldb.com/?id.321487https://vuldb.com/?submit.635445https://www.campcodes.com/