CVE-2025-13273 – Campcodes School Fees Payment Management System ajax.php sql injection

CVE ID : CVE-2025-13273

Published : Nov. 17, 2025, 10:15 a.m. | 48 minutes ago

Description : A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_payment. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…