| Название | code-projects GYM MANAGEMENT SYSTEM 1 SQL Injection |
|---|
| Описание | Although this Gym Management System in PHP is a simple mini project designed to manage members, trainers, and exercises from both admin and user panels, the current
implementation introduces multiple security risks.
Because several features rely on direct user-controlled input (especially in admin management operations), the application is vulnerable to critical issues such as SQL
Injection, weak authentication/session handling, and missing request protection.
As a result, an attacker may be able to access or manipulate sensitive gym records without proper authorization. These weaknesses indicate that the project lacks secure
input handling and defensive controls in key business modules.
|
|---|
| Источник | ⚠️ https://fox-byte.yuque.com/org-wiki-fox-byte-ig3xms/rdgsp5/yg012bnp1xorwq0p |
|---|
| Пользователь | Red0 (UID 96252) |
|---|
| Представление | 15.04.2026 09:54 (2 месяцы назад) |
|---|
| Модерация | 30.04.2026 21:04 (15 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 360361 [code-projects Gym Management System 1.0 edit_exercises.php edit_exercise SQL-инъекция] |
|---|
| Баллы | 20 |
|---|