CVE-2025-9920
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-03

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts the function include of the file /admin/index.php. The manipulation of the argument page results in file inclusion. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-03
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-09-03
EPSS Evaluated
2026-06-14
NVD
CVE-2025-9920
EUVD
EUVD-2025-26577
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
campcodes online_recruitment_management_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-73 The product allows user input to control or influence paths or file names that are used in filesystem operations.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9920 is a file inclusion vulnerability in Campcodes Recruitment Management System version 1.0, specifically in the /admin/index.php file. The vulnerability occurs because the application uses a user-controlled parameter named "page" to dynamically construct file paths for the PHP include() function without proper validation, filtering, or whitelisting. This allows an attacker to manipulate the "page" parameter to include arbitrary files, potentially leading to remote code execution or unauthorized access to sensitive data. [1, 2, 3]

Impact Analysis

This vulnerability can impact you by allowing an attacker to remotely include arbitrary files on the server, which may lead to remote code execution, unauthorized access to sensitive information, and compromise of the system's confidentiality, integrity, and availability. Exploitation requires authentication with valid credentials but can be performed remotely. Attackers can also use publicly available exploits and techniques like Google dorking to identify vulnerable targets. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by monitoring for suspicious requests targeting the vulnerable parameter 'page' in the /admin/index.php file. For example, you can look for HTTP GET requests containing unusual file paths or attempts to include local files. A simple detection method is to search web server logs for requests matching patterns like '/admin/index.php?page=' with suspicious values. Additionally, Google dorking with queries such as "inurl:admin/index.php" can help identify exposed vulnerable instances. Commands to detect such activity include using grep on web server logs: grep 'admin/index.php?page=' /var/log/apache2/access.log or similar. Monitoring for authentication attempts with default credentials (e.g., admin/admin123) may also help detect exploitation attempts. [2, 3]

Mitigation Strategies

Immediate mitigation steps include: 1) Implement strict validation and sanitization of the 'page' parameter to prevent arbitrary file inclusion. 2) Apply the Principle of Least Privilege (PoLP) to limit the permissions of the application and database users. 3) Deploy a Web Application Firewall (WAF) to detect and block malicious requests targeting this vulnerability. 4) Change default credentials to strong, unique passwords to prevent unauthorized access. 5) Monitor logs for suspicious activity to detect exploitation attempts early. 6) Regularly update and patch the application to incorporate security fixes. If possible, consider replacing the affected product with a secure alternative. [2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9920. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart