Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A SQL injection vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the parameter password of the file /classes/Login.php, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.