CVE-2025-4714: Campcodes Sales and Inventory System reprint.php sql injection
First published: Thu May 15 2025(Updated: )
A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been classified as critical. Affected is an unknown function of the file /pages/reprint.php. The manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Campcodes Sales and Inventory System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4714?
CVE-2025-4714 has been classified as critical.
How does CVE-2025-4714 affect the Campcodes Sales and Inventory System?
CVE-2025-4714 affects an unknown function in the file /pages/reprint.php, leading to SQL injection.
Can CVE-2025-4714 be exploited remotely?
Yes, CVE-2025-4714 can be exploited remotely.
What is the cause of the vulnerability in CVE-2025-4714?
The vulnerability in CVE-2025-4714 is caused by improper handling of the argument 'sid'.
How can I mitigate the risk of CVE-2025-4714?
To mitigate the risk of CVE-2025-4714, it is recommended to sanitize inputs and implement parameterized queries.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/epss
- agent/tags
- vendor/campcodes
- canonical/campcodes sales and inventory system