A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_plan. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/wyl091256/CVE/issues/6 | Exploit Issue Tracking Third Party Advisory |
https://itsourcecode.com/ | Product |
https://vuldb.com/?ctiid.308201 | Permissions Required VDB Entry |
https://vuldb.com/?id.308201 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.566781 | Third Party Advisory VDB Entry |
https://github.com/wyl091256/CVE/issues/6 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
13 May 2025, 19:04
Type | Values Removed | Values Added |
---|---|---|
First Time |
Adrianmercurio
Adrianmercurio gym Management System |
|
References | () https://github.com/wyl091256/CVE/issues/6 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://itsourcecode.com/ - Product | |
References | () https://vuldb.com/?ctiid.308201 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.308201 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.566781 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:adrianmercurio:gym_management_system:1.0:*:*:*:*:*:*:* |
12 May 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/wyl091256/CVE/issues/6 - |
12 May 2025, 17:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 May 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-09 20:15
Updated : 2025-05-13 19:04
NVD link : CVE-2025-4486
Mitre link : CVE-2025-4486
CVE.ORG link : CVE-2025-4486
JSON object : View
Products Affected
adrianmercurio
- gym_management_system