CVE Alert: CVE-2025-9751 - Campcodes - Online Learning Management System

CVE-2025-9751

HIGHNo exploitation known

A weakness has been identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /login.php. This manipulation of the argument Username causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

CVSS v3.1 (7.3)

Vendor

Campcodes

Product

Online Learning Management System

Versions

1.0

CWE

CWE-89, SQL Injection

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

Published

2025-08-31T23:32:06.751Z

Updated

2025-08-31T23:32:06.751Z

References

https://vuldb.com/?id.322052
https://vuldb.com/?ctiid.322052
https://vuldb.com/?submit.640583
https://github.com/HAO-RAY/HCR-CVE/issues/1
https://www.campcodes.com/

AI Summary Analysis

Risk verdict

High risk due to publicly disclosed, unauthenticated remote SQL injection with PoC availability; remediation should be treated as urgent.

Why this matters

An attacker can target login handling over the network and potentially bypass authentication to access or exfiltrate user data, disrupt access, or pave the way for further compromise within the LMS. Even with low per-incident impact, the ease of exploitation across the web surface increases exposure across student, faculty, and admin accounts.

Most likely attack path

Exploitation requires no user interaction and no privileges: an attacker sends crafted input to login.php, triggering SQL injection to bypass authentication or retrieve data. The network-accessible nature (AV:N, PR:N) enables automated scanning and mass attempts, with low detection requirements given no UI or auth barriers. Scope remains unchanged, so confined impacts could still be leveraged for lateralFootprint within the app’s data store.

Who is most exposed

Internet-facing deployments of Campcodes LMS v1.0, especially in educational institutions using publicly accessible login endpoints or poorly shielded environments, are at greatest risk.

Detection ideas

Web logs show suspicious payloads targeting login.php (e.g., classic SQLi patterns, taut quotes, UNION SELECT).
Authentication events preceded by unusual query strings or unexpected data returned from the DB.
Increased DB query latency or errors from login endpoints.
WAF/IPS alerts for SQL injection signatures on login.php.
PoC indicators or tool signatures in security telemetry.

Mitigation and prioritisation

Apply vendor patch or upgrade to a non-vulnerable release as a priority; if unavailable, implement compensating controls.
Implement input handling: parameterised queries, prepared statements, and robust server-side validation for login inputs.
Deploy WAF/IPS rules to block common SQLi patterns targeting login.php; monitor for repeated attempts.
Disable or tightly constrain direct database access from web front-end where feasible; implement least-privilege DB accounts.
Change-management: plan rapid deployment across affected instances; verify integrity post-upgrade and conduct targeted security testing.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee

Patreon

To keep up to date follow us on the below channels.

Tags: campcodes, CVE, cve-2025-9751, online-learning-management-system, OSINT, threatintel