CVE-2025-6405

7.3 HIGH

📋 TL;DR

A critical SQL injection vulnerability in Campcodes Online Teacher Record Management System 1.0 allows attackers to manipulate database queries through the editid parameter in /admin/edit-teacher-detail.php. This can lead to unauthorized data access, modification, or deletion. All users running version 1.0 are affected.

💻 Affected Systems

Products:
  • Campcodes Online Teacher Record Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin panel access, but authentication bypass may be possible through other means.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, and potential remote code execution via database functions.

🟠 Likely Case

Unauthorized access to teacher records, personal data exfiltration, and potential privilege escalation.

🟢 If Mitigated

Limited impact if proper input validation and WAF rules are in place; blocked SQL injection attempts may still appear in logs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin access, but the SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.campcodes.com/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Modify edit-teacher-detail.php to use prepared statements and validate the editid parameter as an integer.

Replace raw SQL queries with PDO or mysqli prepared statements.
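
The workaround above, sketched as an added example (not the vendor's code or an official patch). The teacher table, its columns and both function names are hypothetical, and an in-memory SQLite database reached through PDO stands in for the application's real database so the script runs offline.

```php
<?php
declare(strict_types=1);

// Constructed stand-in database and rows; table and column names are hypothetical.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE teacher (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO teacher (name) VALUES ('Alice'), ('Bob'), ('Carol')");

// Vulnerable pattern: the request value is concatenated into the SQL text,
// so quote characters in editid change the structure of the query.
function fetch_teacher_unsafe(PDO $db, string $editid): array
{
    $sql = "SELECT id, name FROM teacher WHERE id = '" . $editid . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: accept only a positive integer, then bind it as a parameter
// so the value can never be parsed as SQL.
function fetch_teacher_safe(PDO $db, string $editid): array
{
    $id = filter_var($editid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        // In the real page handler this would become an HTTP 400 response.
        throw new InvalidArgumentException('editid must be a positive integer');
    }
    $stmt = $db->prepare('SELECT id, name FROM teacher WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The test value quoted under "How to Verify".
$testValue = "1' OR '1'='1";

printf("unsafe, editid=1   -> %d row(s)\n", count(fetch_teacher_unsafe($db, '1')));
printf("unsafe, test value -> %d row(s)\n", count(fetch_teacher_unsafe($db, $testValue)));
printf("safe,   editid=1   -> %d row(s)\n", count(fetch_teacher_safe($db, '1')));
try {
    fetch_teacher_safe($db, $testValue);
} catch (InvalidArgumentException $e) {
    printf("safe,   test value -> rejected: %s\n", $e->getMessage());
}
```

The integer check and the bound parameter are independent controls: the check rejects malformed input early, and the binding keeps the query safe even if a validation step is later removed or bypassed.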

WAF Rule Implementation

all

Deploy web application firewall rules to block SQL injection patterns targeting the editid parameter.

ModSecurity rule: SecRule ARGS:editid "@detectSQLi" "id:1001,phase:2,deny"

🧯 If You Can't Patch

  • Isolate the system behind a reverse proxy with strict input validation
  • Implement network segmentation and restrict access to the admin panel to trusted IPs only

🔍 How to Verify

Check if Vulnerable:

Test /admin/edit-teacher-detail.php with SQL injection payloads in the editid parameter (e.g., editid=1' OR '1'='1).

Check Version:

Check the system version in the admin panel or readme files.

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and that the application responds with proper error handling.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in web server logs
  • Multiple failed editid parameter attempts
  • Admin panel access from unusual IPs

Network Indicators:

  • HTTP POST requests to /admin/edit-teacher-detail.php with SQL keywords in parameters

SIEM Query:

source="web_logs" AND uri="/admin/edit-teacher-detail.php" AND (param="editid" AND value MATCHES "(?i)(union|select|insert|delete|update|drop|--|#|\*|')")
