| 제목 | code-projects GYM MANAGEMENT SYSTEM 1 SQL Injection |
|---|
| 설명 | Although this Gym Management System in PHP is a simple mini project designed to manage members, trainers, and exercises from both admin and user panels, the current
implementation introduces multiple security risks.
Because several features rely on direct user-controlled input (especially in admin management operations), the application is vulnerable to critical issues such as SQL
Injection, weak authentication/session handling, and missing request protection.
As a result, an attacker may be able to access or manipulate sensitive gym records without proper authorization. These weaknesses indicate that the project lacks secure
input handling and defensive controls in key business modules.
|
|---|
| 원천 | ⚠️ https://fox-byte.yuque.com/org-wiki-fox-byte-ig3xms/rdgsp5/yg012bnp1xorwq0p |
|---|
| 사용자 | Red0 (UID 96252) |
|---|
| 제출 | 2026. 04. 15. AM 09:54 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 04. 30. PM 09:04 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 360361 [code-projects Gym Management System 1.0 edit_exercises.php edit_exercise SQL 주입] |
|---|
| 포인트들 | 20 |
|---|