CVE-2025-6404 PUBLISHED

A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

• asants (VulDB User) reporter

• VDB-313398 | Campcodes Online Teacher Record Management System search.php sql injection
• VDB-313398 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #598199 | Campcodes Online Teacher Record Management System V1.0 SQL Injection
• https://github.com/ASantsSec/CVE/issues/13
• https://www.campcodes.com/

• SQL Injection CWE
• Injection CWE