Submit #774838: code-projects Simple Gym Management System in PHP 1.0 SQL Injection

Title: code-projects Simple Gym Management System in PHP 1.0 SQL Injection

Description: The Simple Gym Management System in PHP 1.0 contains a SQL Injection vulnerability in the Trainer_id parameter processed by the /gym/func.php endpoint. The application fails to properly validate and sanitize user-supplied input before including it in SQL queries executed by the backend database. An attacker can manipulate the Trainer_id parameter during trainer registration requests to inject malicious SQL statements. Because the input is directly concatenated into database queries without the use of prepared statements or proper filtering, it becomes possible to alter the intended SQL logic.

Testing confirms that the vulnerability can be exploited as a time-based blind SQL injection. By injecting database delay functions such as SLEEP(), an attacker can cause the server to pause its response for a specified amount of time. This measurable delay confirms that the injected SQL statement is executed by the database server. Using this technique, an attacker can perform blind database enumeration and extract sensitive information from the backend database, including database names, tables, and stored records. Automated exploitation tools such as sqlmap successfully confirmed the vulnerability and were able to retrieve the current database name (loginsystem), demonstrating that arbitrary SQL commands can be executed through the vulnerable parameter.

Successful exploitation of this vulnerability may allow attackers to disclose sensitive data, manipulate application records, or further compromise the underlying system depending on the database privileges used by the application. The issue exists due to improper input validation and the absence of parameterized queries when handling user-supplied data in the affected functionality.
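The root cause named above is string concatenation of a request parameter into SQL text with no parameterized query. The following is an added illustration, not code from the Simple Gym Management System or from the submitter, of that pattern beside the fix a maintainer would apply in PHP with mysqli prepared statements. The table name `trainers`, the column names, and the `$conn` connection are assumptions; only the parameter names `Trainer_id` and `fname` come from the report.

```php
<?php
// Added example; not the project's own code. Assumes a MySQL table
// `trainers` (id INT PRIMARY KEY, fname VARCHAR) and a mysqli
// connection $conn opened elsewhere with mysqlnd available (needed
// for get_result()). Throw on driver errors instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Vulnerable pattern described in the advisory: the raw request values
// are spliced into the SQL string, so whatever the client sends becomes
// part of the statement the database parses.
function registerTrainerVulnerable(mysqli $conn, array $request): bool
{
    $sql = "INSERT INTO trainers (id, fname) VALUES ("
         . $request['Trainer_id'] . ", '" . $request['fname'] . "')";
    return $conn->query($sql); // attacker-controlled SQL is executed here
}

// Hardened version: validate each value's type and shape first, then
// bind it as a parameter so the database treats it strictly as data.
function registerTrainerSafe(mysqli $conn, array $request): bool
{
    $trainerId = filter_var(
        $request['Trainer_id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    $fname = $request['fname'] ?? '';

    // Reject anything that is not a positive integer / a plausible name.
    // Logging the rejection gives operators a signal to alert on.
    if ($trainerId === false
        || !is_string($fname)
        || !preg_match('/^[\p{L} \'\-]{1,50}$/u', $fname)) {
        error_log('Rejected malformed trainer registration from '
                  . ($_SERVER['REMOTE_ADDR'] ?? 'unknown'));
        return false;
    }

    // The SQL text contains only placeholders; values travel separately.
    $stmt = $conn->prepare('INSERT INTO trainers (id, fname) VALUES (?, ?)');
    $stmt->bind_param('is', $trainerId, $fname);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Lookup by id follows the same rule: bind, never concatenate.
function lookupTrainerSafe(mysqli $conn, array $request): ?array
{
    $trainerId = filter_var($request['Trainer_id'] ?? null, FILTER_VALIDATE_INT);
    if ($trainerId === false) {
        return null;
    }
    $stmt = $conn->prepare('SELECT id, fname FROM trainers WHERE id = ?');
    $stmt->bind_param('i', $trainerId);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}
```

With the prepared-statement form, a value containing SQL syntax is stored or compared as a literal string and cannot change the query's structure, which removes the time-based blind channel described in the report along with every other injection variant on these parameters. The input validation in front of it is defence in depth and, because rejections are logged, also gives the operator a detection point for probing traffic.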
Source: https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Time-Based%20Blind%20SQL%20Injection%20in%20%20Simple%20Gym%20Management%20System%20in%20PHP%20Product.md
User: AhmadMarzook (UID 96211)
Submission: 03/07/2026 21:41 (1 month ago)
Moderation: 03/21/2026 17:51 (14 days later)
Status: Accepted
VulDB entry: 352377 [code-projects Simple Gym Management System up to 1.0 /gym/func.php Trainer_id/fname sql injection]
Points: 20