| Titel | Security Advisory CodeZips Gym Management System V1.0 sql |
|---|
| Beschreibung | A critical SQL injection vulnerability exists in the `usrid` parameter within `/dashboard/admin/health_status_entry.php`. Attackers can inject arbitrary SQL code via specially crafted values, bypassing input validation. This could lead to unauthorized database access, data manipulation, and potentially full system compromise. |
|---|
| Quelle | ⚠️ https://github.com/LiuSir5211314/-sir/issues/1 |
|---|
| Benutzer | liu_my (UID 80323) |
|---|
| Einreichung | 17.01.2025 04:17 (vor 1 Jahr) |
|---|
| Moderieren | 18.01.2025 08:38 (1 day later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 292523 [Codezips Gym Management System 1.0 health_status_entry.php usrid SQL Injection] |
|---|
| Punkte | 19 |
|---|