SQL Injection Vulnerability in Campcodes Online Flight Booking Management System
CVE-2025-8960

6.9MEDIUM

Key Information:

Vendor: Campcodes
Status: Online Flight Booking Management System
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-8960?

A significant SQL injection vulnerability exists in the Campcodes Online Flight Booking Management System version 1.0, specifically within the /admin/save_airlines.php file. By manipulating the argument ID, an attacker may craft a remote exploit that compromises the database integrity. This vulnerability allows for unauthorized access to sensitive information, thereby highlighting the essential need for immediate patching and enhanced security measures.