CVE-2025-10857

7.3 HIGH

📋 TL;DR

CVE-2025-10857 is an SQL injection vulnerability in Campcodes Point of Sale System POS 1.0 that allows attackers to manipulate database queries through the Username parameter in /login.php. This enables unauthorized data access, modification, or deletion. All users running Campcodes POS 1.0 with the vulnerable login.php file are affected.

💻 Affected Systems

Products:
  • Campcodes Point of Sale System POS
Versions: 1.0
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /login.php file specifically. Any installation with this file accessible is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise including theft of sensitive customer/payment data, administrative credential theft, and potential system takeover.

🟠 Likely Case: Unauthorized access to POS data, customer information exposure, and potential data manipulation affecting business operations.

🟢 If Mitigated: Limited impact with proper input validation and database permissions, potentially only error messages or partial data exposure.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects login functionality, making internet-facing systems prime targets.
🏢 Internal Only: MEDIUM - Internal systems are still vulnerable but have reduced attack surface compared to internet-facing deployments.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available and target login functionality, making exploitation straightforward for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.campcodes.com/

Restart Required: No

Instructions:

No official patch available. Check vendor website for updates. Consider implementing workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement parameterized queries or prepared statements for the Username parameter in login.php

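Modify login.php to use prepared statements, so the Username value is bound as data instead of being concatenated into the query text: $stmt = $conn->prepare('SELECT * FROM users WHERE username = ?'); $stmt->bind_param('s', $username); $stmt->execute();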

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns in login requests

Configure WAF to block requests containing SQL keywords like UNION, SELECT, INSERT, DELETE in Username parameter

🧯 If You Can't Patch

  • Isolate the POS system on a separate network segment with strict firewall rules limiting access
  • Implement network-based intrusion detection to monitor for SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Test the login.php endpoint with SQL injection payloads in the Username parameter (e.g., admin' OR '1'='1)

Check Version:

Check software version in admin panel or review source code headers for version information

Verify Fix Applied:

Retest with SQL injection payloads after implementing fixes; successful login should only occur with valid credentials

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed login attempts with SQL-like patterns
  • Successful logins from unexpected IP addresses

Network Indicators:

  • HTTP POST requests to /login.php containing SQL keywords in parameters
  • Unusual database query patterns from web server

SIEM Query:

source="web_logs" AND uri="/login.php" AND (param="Username" AND value MATCHES "(?i)(union|select|insert|delete|or|and|')")
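
The SIEM query above matches its keywords as substrings, so ordinary usernames containing "or" or "and" will alert. The following Python sketch is an added example, not part of the original advisory or the vendor's code: it assumes POST bodies are available (for instance from a WAF audit log), uses constructed sample requests, and compares that pattern against a stricter one whose rules are this example's own choice.

```python
import re
from urllib.parse import parse_qs

# Constructed sample records (method, path, raw POST body), as a WAF or
# reverse-proxy audit log might capture them. Not real traffic.
SAMPLE_REQUESTS = [
    ("POST", "/login.php", "Username=gordon&Password=x"),
    ("POST", "/login.php", "Username=sandra.orlando&Password=x"),
    ("POST", "/login.php", "Username=admin%27+OR+%271%27%3D%271&Password=x"),
    ("POST", "/login.php", "Username=a%27%20UNION%20SELECT%201%2C2--%20&Password=x"),
    ("POST", "/login.php", "Username=o%27brien&Password=x"),
    ("POST", "/index.php", "Username=x%27+OR+1%3D1&Password=x"),
]

# Keyword pattern from the SIEM query, matched as substrings:
# "gordon" hits on "or", "sandra" hits on "and".
NAIVE = re.compile(r"(?i)(union|select|insert|delete|or|and|')")

# Stricter variant (an assumption of this example): keywords must form SQL
# phrases, and a quote only counts when SQL syntax or a comment follows it.
STRICT = re.compile(
    r"(?i)\b(union\s+(all\s+)?select|insert\s+into|delete\s+from)\b"
    r"|'\s*(or|and)\b"
    r"|'\s*(--|#|/\*|;)"
)

def usernames(method, path, body):
    """Return URL-decoded Username values for POSTs to /login.php."""
    if method != "POST" or path != "/login.php":
        return []
    return parse_qs(body, keep_blank_values=True).get("Username", [])

def flag(requests, pattern):
    """Return decoded Username values that match the given pattern."""
    return [u for r in requests for u in usernames(*r) if pattern.search(u)]

if __name__ == "__main__":
    print("naive :", flag(SAMPLE_REQUESTS, NAIVE))
    print("strict:", flag(SAMPLE_REQUESTS, STRICT))
```

Pattern matching of this kind is for alert triage only; the prepared statement in login.php remains the actual fix.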
