A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_package. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/wyl091256/CVE/issues/8 | Exploit Issue Tracking Third Party Advisory |
https://itsourcecode.com/ | Product |
https://vuldb.com/?ctiid.308203 | Permissions Required VDB Entry |
https://vuldb.com/?id.308203 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.566783 | Third Party Advisory VDB Entry |
Configurations
History
13 May 2025, 19:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/wyl091256/CVE/issues/8 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://itsourcecode.com/ - Product | |
References | () https://vuldb.com/?ctiid.308203 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.308203 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.566783 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:adrianmercurio:gym_management_system:1.0:*:*:*:*:*:*:* | |
First Time |
Adrianmercurio
Adrianmercurio gym Management System |
12 May 2025, 17:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 May 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-09 20:15
Updated : 2025-05-13 19:02
NVD link : CVE-2025-4488
Mitre link : CVE-2025-4488
CVE.ORG link : CVE-2025-4488
JSON object : View
Products Affected
adrianmercurio
- gym_management_system