| Titre | Codezips Gym Management System 1.0 SQL Injection |
|---|
| Description | A critical SQL injection vulnerability exists in the mm parameter within /dashboard/admin/over_month.php. Attackers can inject arbitrary SQL code via specially crafted values, bypassing input validation. This could lead to unauthorized database access, data manipulation, and potentially full system compromise. |
|---|
| La source | ⚠️ https://www.yuque.com/baimatangseng-iyusa/qwwm81/zbefafzyl0of6g56?singleDoc# 《/dashboard/admin/over_month.php》 |
|---|
| Utilisateur | sjdalu (UID 81556) |
|---|
| Soumission | 18/03/2025 06:50 (il y a 1 Année) |
|---|
| Modérer | 27/03/2025 07:12 (9 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 301493 [Codezips Gym Management System 1.0 over_month.php mm injection SQL] |
|---|
| Points | 18 |
|---|