CVE-2025-9751
MEDIUMCVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Description
A weakness has been identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /login.php. This manipulation of the argument Username causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Analysis
A weakness has been identified in Campcodes Online Learning Management System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical Context
This vulnerability is classified under CWE-74. A weakness has been identified in Campcodes Online Learning Management System 1.0.php. This manipulation of the argument Username causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. Affected products include: Campcodes Online Learning Management System.
Affected Products
Campcodes Online Learning Management System.
Remediation
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today