School File Management System
Sign in to watchby Campcodes
Source repositories
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-14209 | Hig | 0.47 | 7.3 | 0.00 | Dec 8, 2025 | A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /update_query.php. This manipulation of the argument stud_id causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | |
| CVE-2025-13555 | Hig | 0.47 | 7.3 | 0.00 | Nov 23, 2025 | A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument stud_no results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. | |
| CVE-2025-15404 | Med | 0.41 | 6.3 | 0.00 | Jan 1, 2026 | A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /save_file.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | |
| CVE-2025-12873 | Med | 0.31 | 4.7 | 0.00 | Nov 7, 2025 | A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/update_user.php. Performing manipulation of the argument user_id results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. |