CVE-2025-11417

Published: Oct 8, 2025Modified: Apr 29, 2026

2.1

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: CNA (Secondary)

Description

A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/voters_add.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.

Affected (1)

Products: Campcodes: Advanced Online Voting System

1 product

Advanced Online Voting System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Campcodes Advanced Online Voting System	Version 1.0

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (5)

https://github.com/hbesljx/vul/issues/4

Source: cna@vuldb.com

ExploitIssue Tracking

https://vuldb.com/?ctiid.327353

Source: cna@vuldb.com

Permissions RequiredVDB Entry

https://vuldb.com/?id.327353

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.665597

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://www.campcodes.com/

Source: cna@vuldb.com

Product

Timeline

No history available yet.