CVE-2025-10857

MEDIUM

cna@vuldb.com

Details

CVSS v3: 7.3
CVSS v4: 5.5
CVSS v2: 7.5
NVD published: 2025-09-23 09:15:32
Affected versions: cpe:2.3:a:campcodes:point_of_sale_system:1.0:*:*:*:*:*:*:*
Summary: A security flaw has been discovered in Campcodes Point of Sale System POS 1.0. Affected by this issue is some unknown functionality of the file /login.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
Remediation: Not available in our cache.
Exploit info: https://www.yuque.com/yuqueyonghuexlgkz/zepczx/un2cmghguhg4aogn?singleDoc

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.