إرسال #480220: Codezips Gym Management System in PHP with Source Code V1.0 SQL Injectionالمعلومات

TitleCodezips Gym Management System in PHP with Source Code V1.0 SQL Injection
DescriptionA critical SQL injection vulnerability exists in the name parameter within /dashboard/admin/edit_member.php. Attackers can inject arbitrary SQL code via specially crafted values, bypassing input validation. This could lead to unauthorized database access, data manipulation, and potentially full system compromise. Database Compromise: Attackers can read, modify, or delete data. Data Leakage: Sensitive customer/payment information could be exposed. System Interruption: Malicious queries may degrade performance or crash the application. Privilege Escalation: Potential elevation of privileges leading to broader system takeover.
Source⚠️ https://github.com/nbeisss/CVE/issues/1
User
 nbeisss (UID 80138)
Submission13/01/2025 16:24 (3 أشهر منذ)
Moderation17/01/2025 07:59 (4 days later)
Statusتمت الموافقة
VulDB Entry292433 [Codezips Gym Management System 1.0 edit_member.php الأسم حقن إس كيو إل]
Points20

التالي نظرة عامة السابق

Might our Artificial Intelligence support you?

Check our Alexa App!