Severity by source
CVSS vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Analysis (AI)
CVE-2025-6404 is a SQL injection vulnerability in Campcodes Online Teacher Record Management System version 1.0, in the searchdata parameter of /admin/search.php. The NVD vector rates it as reachable over the network with no privileges or user interaction required (AV:N/AC:L/AT:N/PR:N/UI:N), so an attacker who can reach the endpoint can inject into the query and read, modify or delete database contents. Two caveats: the "critical" classification in the description does not match the NVD vector, which scores confidentiality, integrity and availability impact as Low (VC:L/VI:L/VA:L); and the endpoint sits under /admin/, so whether a session check runs before the query should be confirmed in the deployed code rather than assumed from PR:N. The E:P metric marks exploit maturity as proof-of-concept: public exploit code exists, but nothing here evidences in-the-wild exploitation.
Technical Context (AI)
The vulnerability is in a PHP-based web application (Campcodes Online Teacher Record Management System), in its administrative search function. The /admin/search.php endpoint takes the searchdata parameter and builds a SQL query from it without parameterization or validation, so quote characters and SQL keywords in the value alter the structure of the query rather than being treated as data. It is classed as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component), the general injection weakness; the specific form here is SQL injection (CWE-89). The product is a teacher record management system for educational institutions, so the affected database holds personal data on staff and potentially on students, which raises the real-world confidentiality impact of any successful read.
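The concatenation pattern described above, as an added Python stand-in that is not the product's PHP source (which this page does not show): an in-memory SQLite table with constructed rows, the usual vulnerable query shape (searchdata spliced into a LIKE clause) beside its parameterized replacement, and a UNION payload that pulls a column the search was never meant to display. The table, column names, rows and payload are assumptions illustrating the class of flaw, not details of the real application.

```python
"""
Added stand-in for CVE-2025-6404, in Python with sqlite3 so it runs offline.
The product is PHP and its source is not on this page, so the vulnerable query
below is a reconstruction of the usual pattern (searchdata spliced into a LIKE
clause), not the project's code. Table, columns and rows are constructed.
"""
import sqlite3

# Constructed sample rows standing in for a teacher-record table.
SAMPLE_ROWS = [
    (1, "Alice Example", "Mathematics", "alice@example.edu"),
    (2, "Bob Example", "Physics", "bob@example.edu"),
    (3, "Carol Example", "History", "carol@example.edu"),
]


def make_db() -> sqlite3.Connection:
    """In-memory database with a small constructed teacher table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE tblteacher "
        "(id INTEGER PRIMARY KEY, name TEXT, subject TEXT, email TEXT)"
    )
    conn.executemany("INSERT INTO tblteacher VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def search_vulnerable(conn: sqlite3.Connection, searchdata: str) -> list:
    """Reconstructed vulnerable shape: searchdata is concatenated into the SQL.
    A quote in the value ends the string literal, so the rest is parsed as SQL."""
    sql = (
        "SELECT id, name, subject FROM tblteacher "
        "WHERE name LIKE '%" + searchdata + "%' "
        "OR subject LIKE '%" + searchdata + "%'"
    )
    return conn.execute(sql).fetchall()


def search_fixed(conn: sqlite3.Connection, searchdata: str) -> list:
    """Hardened form: parameterized query. The value travels separately from the
    statement text, so quotes, UNION and comment sequences stay literal data."""
    sql = (
        "SELECT id, name, subject FROM tblteacher "
        "WHERE name LIKE ? OR subject LIKE ?"
    )
    pattern = "%" + searchdata + "%"
    return conn.execute(sql, (pattern, pattern)).fetchall()


def leaks_email(rows: list) -> bool:
    """True if any returned 'name' cell actually carries an e-mail address."""
    return any("@" in str(row[1]) for row in rows)


def demo() -> dict:
    """Run a benign term and a UNION payload through both versions."""
    conn = make_db()
    benign = "Physics"
    # Closes the LIKE literal, appends a UNION that pulls the email column into
    # the name position, and comments out the rest of the original statement.
    payload = "' UNION SELECT id, email, 'leak' FROM tblteacher --"
    vuln_payload_rows = search_vulnerable(conn, payload)
    fixed_payload_rows = search_fixed(conn, payload)
    return {
        "vuln_benign": len(search_vulnerable(conn, benign)),
        "vuln_payload": len(vuln_payload_rows),
        "vuln_leaks_email": leaks_email(vuln_payload_rows),
        "fixed_benign": len(search_fixed(conn, benign)),
        "fixed_payload": len(fixed_payload_rows),
        "fixed_leaks_email": leaks_email(fixed_payload_rows),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the concatenated query the payload returns every row plus a second set whose "name" column is the e-mail address; with the parameterized query the same string is just an unmatched search term and returns nothing. In PHP the equivalent fix is a PDO or mysqli prepared statement with the LIKE pattern bound as a parameter.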
Remediation (AI)
Immediate actions:
1. Disable or restrict access to /admin/search.php (for example, an IP allow-list or an enforced authenticated admin session at the web-server layer) until the code is fixed.
2. Add WAF rules that block SQL injection patterns in the searchdata parameter (single quotes, UNION/SELECT keywords, comment sequences such as -- and /*). Treat this as a stopgap: signature rules can be bypassed with encoding and alternative syntax.
3. Review web-server and database logs for requests to /admin/search.php carrying SQL syntax in searchdata, and for unexpected UNION, time-delay or error-producing queries on the database side.

Long-term:
1. Contact Campcodes about a patched release and upgrade when one is available; if no fix is published, apply the changes below to the deployed source directly.
2. Replace string-concatenated queries with prepared statements / parameterized queries (PDO or mysqli in PHP) for every database interaction, starting with /admin/search.php.
3. Review all other search and filter functionality in the application for the same pattern.
4. Validate searchdata against an allow-list (expected characters and a maximum length) before use, as defence in depth rather than the primary control.
5. Run the application's database account with the least privilege it needs (no schema-altering or file-system privileges) so that a successful injection is contained.
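Added example for immediate actions 2 and 3 and long-term step 4: a Python access-log scanner plus an allow-list validator for searchdata, not code from the product or from vuln.today. The log lines are constructed combined-format samples; the scanner assumes searchdata arrives in the GET query string (a POST body would not appear in a standard access log and needs application- or WAF-level logging), and the indicator list is a triage aid that will miss encoded or obfuscated payloads, not a bypass-proof WAF rule.

```python
"""
Added detection and input-validation helpers for the searchdata parameter of
/admin/search.php (CVE-2025-6404). Not part of the product or of vuln.today.
The log lines are constructed samples in combined log format; the scanner
assumes searchdata is sent in the query string. The indicator list is a triage
aid, not a substitute for parameterized queries.
"""
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample access-log lines (combined log format, RFC 5737 addresses).
SAMPLE_LOG = """\
203.0.113.7 - - [20/Jun/2025:10:01:12 +0000] "GET /admin/search.php?searchdata=Physics HTTP/1.1" 200 2311 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Jun/2025:10:01:40 +0000] "GET /admin/search.php?searchdata=%27+OR+%271%27%3D%271 HTTP/1.1" 200 9870 "-" "Mozilla/5.0"
198.51.100.9 - - [20/Jun/2025:10:02:03 +0000] "GET /admin/search.php?searchdata=%27%20UNION%20SELECT%201%2C2%2C3--%20- HTTP/1.1" 200 9870 "-" "sqlmap/1.8"
198.51.100.9 - - [20/Jun/2025:10:02:09 +0000] "GET /admin/search.php?searchdata=x%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 2311 "-" "sqlmap/1.8"
203.0.113.7 - - [20/Jun/2025:10:03:00 +0000] "GET /admin/index.php HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

# Minimal combined-log-format parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# SQL syntax that a teacher-name or subject search never legitimately needs.
SQLI_INDICATORS = [
    (re.compile(r"'"), "single quote"),
    (re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I), "UNION SELECT"),
    (re.compile(r"--|/\*|#"), "SQL comment sequence"),
    (re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor)\s*\(", re.I), "time-based function"),
    (re.compile(r"\bor\b\s+['\"]?\w+['\"]?\s*=\s*['\"]?\w+", re.I), "tautology"),
]

# Allow-list for a legitimate search term: letters, digits, space, dot, hyphen; 1-64 chars.
ALLOWED_SEARCH = re.compile(r"[A-Za-z0-9 .\-]{1,64}")


def is_valid_searchdata(value: str) -> bool:
    """Allow-list validation (defence in depth; the query must still be parameterized)."""
    return ALLOWED_SEARCH.fullmatch(value) is not None


def classify(value: str) -> list:
    """Names of every indicator that fires on a decoded searchdata value, in list order."""
    return [name for rx, name in SQLI_INDICATORS if rx.search(value)]


def scan_log(text: str) -> list:
    """Flag requests to /admin/search.php whose searchdata looks like SQL injection
    or fails the allow-list. Each hit records client IP, timestamp, decoded value
    and the indicators that matched."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path != "/admin/search.php":
            continue
        # parse_qs already percent-decodes once; decoding a second time catches
        # double-encoded payloads (a deliberate choice that can also over-decode
        # literal '%' or '+' in benign input, so such hits still need eyes on them).
        for raw in parse_qs(parts.query).get("searchdata", []):
            value = unquote_plus(raw)
            found = classify(value)
            if found or not is_valid_searchdata(value):
                hits.append({
                    "ip": m.group("ip"),
                    "ts": m.group("ts"),
                    "searchdata": value,
                    "indicators": found,
                })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

On the constructed log the first request (a plain subject name) passes, the next three are flagged with the indicators that fired, and the request to a different path is ignored. The same `classify` and `is_valid_searchdata` checks translate directly into a WAF rule and a server-side allow-list; the allow-list is the one to tune to real search terms (for example, to admit apostrophes in surnames) before deploying, since it rejects anything it does not explicitly permit.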
EUVD-2025-18875