Vulnerabilities > CVE-2025-0849 - Unspecified vulnerability in Campcodes School Management Software 1.0

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

campcodes

NVD

Published: 2025-01-30

Updated: 2025-02-04

Summary

A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Vulnerable Configurations

Part	Description	Count
Application	Campcodes Campcodes School Management Software 1.0	1

References

https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Sensitive%20Super%20Admin%20Data%20Exposure%20and%20Unauthorized%20Data%20Update%20via%20IDOR%20(Teacher%20Role%20to%20Super%20Admin%20Role).pdf
https://vuldb.com/?ctiid.294012
https://vuldb.com/?id.294012
https://vuldb.com/?submit.487618
https://www.campcodes.com/