CVE-2025-11076

Summary

A vulnerability was found in Campcodes Online Learning Management System 1.0. This impacts an unknown function of the file /admin/edit_teacher.php. Performing manipulation of the argument department results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Affected Software

VendorProductVersion RangeStatus
CampcodesOnline Learning Management System1.0affected

Weaknesses

  • CWE-89: SQL Injection
  • CWE-74: Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References