CVE-2025-11417 PUBLISHED

A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/voters_add.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.

• hbesljx (VulDB User) reporter

• VDB-327353 | Campcodes Advanced Online Voting Management System voters_add.php unrestricted upload
• VDB-327353 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #665597 | Campcodes Advanced Online Voting Management System 9/26 2024 Incomplete Identification of Uploaded File Variables
• https://github.com/hbesljx/vul/issues/4
• https://www.campcodes.com/

• Unrestricted Upload CWE
• Improper Access Controls CWE