CNNVD-202512-3770 Information
CNNVD ID
CNNVD-202512-3770
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
CampCodes Supplier Management System是CampCodes公司的一个供应商管理系统。 CampCodes Supplier Management System 1.0版本存在SQL注入漏洞,该漏洞源于对文件/admin/add_category.php中参数txtCategoryName的错误操作,可能导致SQL注入攻击。
Description (English)
CampCodes Supplier Management System is a supplier management system for CampCodes. The version 1.0 of CampCodes Supplier Management System contains an injection loophole in SQL, which results from an error in the txtCategoryName parameter in the document/admin/add category.php, which may lead to an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
CampCodes
Published
2025-12-19
Last Modified
2026-02-24
References
https://www.campcodes.com/ https://vuldb.com/?ctiid.337588 https://vuldb.com/?submit.716440 https://github.com/vivibiubiu/CVE/issues/1 https://vuldb.com/?id.337588 https://access.redhat.com/security/cve/cve-2025-14952
Patch
https://www.campcodes.com/projects/php/supplier-management-system-using-php-mysql/
Share on: