CVE-2025-9744 PoC — CampCodes Online Loan Management System 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-9744.yaml

Associated Vulnerability

Title:CampCodes Online Loan Management System 安全漏洞 (CVE-2025-9744)
Description:CampCodes Online Loan Management System是菲律宾CampCodes公司的一个在线贷款管理系统。 CampCodes Online Loan Management System 1.0版本存在安全漏洞，该漏洞源于对文件/ajax.php?action=login中参数Username的错误操作导致SQL注入攻击。

Description

Loan Management System 1.0 contains a SQL injection vulnerability via the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.

File Snapshot


 id: CVE-2025-9744

info:
  name: Loan Management System 1.0 - SQL Injection
  author: arafatansari
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!