CVE-2025-9794 | Campcodes Computer Sales and Inventory System 1.0 pos_transac.php?action=add cash/firstname sql injection

A vulnerability labeled as critical has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/pos_transac.php?action=add. Executing manipulation of the argument cash/firstname can lead to sql injection.

This vulnerability appears as CVE-2025-9794. The attack may be performed from remote. In addition, an exploit is available.

Other parameters might be affected as well.VulDB Recent EntriesRead More