A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_product.php. Executing manipulation of the argument product_image can lead to unrestricted upload. The attack may be launched remotely. The exploit has been published and may be used.
References
| Link | Resource |
|---|---|
| https://github.com/Abxery/cveee/issues/6 | Exploit Third Party Advisory Issue Tracking |
| https://vuldb.com/?ctiid.332945 | Permissions Required VDB Entry |
| https://vuldb.com/?id.332945 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.696051 | Third Party Advisory VDB Entry |
| https://www.campcodes.com/ | Product |
| https://github.com/Abxery/cveee/issues/6 | Exploit Third Party Advisory Issue Tracking |
Configurations
History
21 Nov 2025, 20:21
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/Abxery/cveee/issues/6 - Exploit, Third Party Advisory, Issue Tracking | |
| References | () https://vuldb.com/?ctiid.332945 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.332945 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.696051 - Third Party Advisory, VDB Entry | |
| References | () https://www.campcodes.com/ - Product | |
| CPE | cpe:2.3:a:campcodes:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:* | |
| First Time |
Campcodes retro Basketball Shoes Online Store
Campcodes |
20 Nov 2025, 19:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/Abxery/cveee/issues/6 - |
20 Nov 2025, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-11-20 00:15
Updated : 2025-11-21 20:21
NVD link : CVE-2025-13423
Mitre link : CVE-2025-13423
CVE.ORG link : CVE-2025-13423
JSON object : View
Products Affected
campcodes
- retro_basketball_shoes_online_store