Login Sign Up

CVE-2025-8952

7.3 HIGH
SQL Injection Authentication Bypass

📋 TL;DR

This SQL injection vulnerability in Campcodes Online Flight Booking Management System 1.0 allows attackers to execute arbitrary SQL commands via the login functionality. Remote attackers can potentially bypass authentication, access sensitive data, or compromise the database. All deployments of version 1.0 with the vulnerable component exposed are affected.

💻 Affected Systems

Products:
  • Campcodes Online Flight Booking Management System
Versions: 1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation with the /admin/ajax.php?action=login endpoint accessible.

📦 What is this software?

Online Flight Booking Management System by Campcodes

View all CVEs affecting Online Flight Booking Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, authentication bypass, privilege escalation, and potential remote code execution if database functions allow it.

🟠

Likely Case

Authentication bypass allowing unauthorized admin access, data exfiltration of user information, and potential manipulation of flight booking data.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation preventing database access.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept exists, making exploitation straightforward for attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.campcodes.com/

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and parameterized queries for the login functionality.

Web Application Firewall Rules

all

Deploy WAF rules to block SQL injection patterns targeting the /admin/ajax.php endpoint.

🧯 If You Can't Patch

  • Restrict network access to the admin interface using firewall rules or network segmentation.
  • Implement strong authentication mechanisms and monitor for suspicious login attempts.

🔍 How to Verify

Check if Vulnerable:

Test the /admin/ajax.php?action=login endpoint with SQL injection payloads in the Username parameter.

Check Version:

Check the system version in the admin panel or configuration files.

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and that parameterized queries are implemented.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts with SQL patterns
  • Access to /admin/ajax.php with suspicious parameters

Network Indicators:

  • HTTP requests to /admin/ajax.php containing SQL keywords like UNION, SELECT, OR

SIEM Query:

source="web_logs" AND uri="/admin/ajax.php" AND (query="*UNION*" OR query="*SELECT*" OR query="*OR*" OR query="*--*")

📊 Metadata

CVE ID: CVE-2025-8952
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-74
EPSS Score: 0.03% exploit probability (9.6th percentile)
Published: August 14, 2025
Last Updated: August 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-8952, you might also want to check these:

CVE-2026-25520 10.0

SandboxJS versions before 0.8.29 have a critical sandbox escape vulnerability that allows attackers ...

Same vulnerability type (CWE-74)
CVE-2026-25586 10.0

This CVE describes a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attac...

Same vulnerability type (CWE-74)
CVE-2025-20281 10.0

An unauthenticated remote code execution vulnerability in Cisco ISE and ISE-PIC API allows attackers...

Same vulnerability type (CWE-74)