CVE-2025-4718 – This critical SQL injection vulnerability in Ca... (How to Fix)

Q: What is the severity of CVE-2025-4718?

CVE-2025-4718 has a CVSS score of 7.3 (HIGH). This critical SQL injection vulnerability in Campcodes Sales and Inventory System 1.0 allows attackers to execute arbitrary SQL commands via the 'last' parameter in the customer_add.php file. Remote attackers can potentially access, modify, or delete database contents. All users running the affected software version are at risk.

📋 TL;DR

This critical SQL injection vulnerability in Campcodes Sales and Inventory System 1.0 allows attackers to execute arbitrary SQL commands via the 'last' parameter in the customer_add.php file. Remote attackers can potentially access, modify, or delete database contents. All users running the affected software version are at risk.

💻 Affected Systems

Products:

Campcodes Sales and Inventory System

Versions: 1.0

Operating Systems: Any OS running PHP and MySQL/MariaDB

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the /pages/customer_add.php file specifically, but other parameters may also be vulnerable according to the description.

📦 What is this software?

Sales And Inventory System by Campcodes

View all CVEs affecting Sales And Inventory System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, authentication bypass, and potential remote code execution on the underlying server.

🟠

Likely Case

Unauthorized data access and extraction of sensitive customer information, inventory data, and potentially administrative credentials.

🟢

If Mitigated

Limited impact with proper input validation and database permissions, potentially only allowing data viewing without modification.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects web-facing systems directly exposed to attackers.

🏢 Internal Only: MEDIUM - Internal systems are still vulnerable to insider threats or compromised internal hosts.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit details are publicly disclosed on GitHub, making this easily weaponizable by attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.campcodes.com/

Restart Required: No

Instructions:

No official patch available. Check vendor website for updates. Consider implementing workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and parameterized queries for all user inputs in the application.

Modify PHP code to use prepared statements: $stmt = $conn->prepare('INSERT INTO customers (last) VALUES (?)'); $stmt->bind_param('s', $last);

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection rules to block malicious requests.

Configure WAF rules to block SQL injection patterns in POST/GET parameters

🧯 If You Can't Patch

Isolate the system from the internet using firewall rules to restrict access to trusted IPs only.
Implement database-level controls: Use least privilege accounts, enable logging, and regularly audit database access.

🔍 How to Verify

Check if Vulnerable:

Test the /pages/customer_add.php endpoint with SQL injection payloads in the 'last' parameter and observe database errors or unexpected behavior.

Check Version:

Check the software version in the application interface or configuration files; look for version 1.0 indicators.

Verify Fix Applied:

After implementing fixes, retest with SQL injection payloads to confirm they are properly blocked or sanitized.

📡 Detection & Monitoring

Log Indicators:

Unusual SQL error messages in web server logs
Multiple failed login attempts or parameter manipulation in access logs
Unexpected database queries from web application user

Network Indicators:

HTTP requests to /pages/customer_add.php with SQL keywords in parameters
Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND (url="/pages/customer_add.php" AND (param="last" AND value CONTAINS "' OR" OR value CONTAINS "UNION" OR value CONTAINS "SELECT"))

📊 Metadata

CVE ID: CVE-2025-4718

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

EPSS Score: 0.09% exploit probability (25.5th percentile)

Published: May 15, 2025

Last Updated: May 28, 2025

🔗 References

https://github.com/usingns/CVE/issues/1 Exploit,Issue Tracking,Third Party Advisory
https://vuldb.com/?ctiid.309019 Permissions Required
https://vuldb.com/?id.309019 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.568386 Third Party Advisory,VDB Entry
https://www.campcodes.com/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-4718, you might also want to check these: