提出 #496409: Codezips Gym Management System in PHP with Source Code v1.0 SQL Injection情報

タイトルCodezips Gym Management System in PHP with Source Code v1.0 SQL Injection
説明A critical SQL injection vulnerability exists in the tidparameter within /dashboard/admin/updateroutine.php. Attackers can inject arbitrary SQL code via specially crafted values, bypassing input validation. This could lead to unauthorized database access, data manipulation, and potentially full system compromise. Database Compromise: Attackers can read, modify, or delete data. Data Leakage: Sensitive customer/payment information could be exposed. System Interruption: Malicious queries may degrade performance or crash the application. Privilege Escalation: Potential elevation of privileges leading to broader system takeover.
ソース⚠️ https://github.com/takakie/CVE/blob/main/cve_1.md
ユーザー
 takakie (UID 49499)
送信2025年02月07日 05:57 (1 年 ago)
モデレーション2025年02月10日 13:56 (3 days later)
ステータス承諾済み
VulDBエントリ295094 [Codezips Gym Management System 1.0 updateroutine.php tid SQLインジェクション]
ポイント20

Might our Artificial Intelligence support you?

Check our Alexa App!