Submit #780406: code-projects Simple Gym Management System 1.0 SQL Injectioninfo

Titlecode-projects Simple Gym Management System 1.0 SQL Injection
DescriptionThe payment functionality directly concatenates Payment_id, Amount, customer_id, payment_type, and customer_name into the INSERT statement without any filtering. An attacker could manipulate payment data, resulting in financial loss. Impact: An attacker could manipulate payment data to alter amounts, forge payment records, cause financial loss, or even obtain all payment information.
Source⚠️ https://github.com/maidangdang1/CVE/issues/5
User
 nomath (UID 96446)
Submission03/15/2026 11:05 (4 months ago)
Moderation03/31/2026 10:52 (16 days later)
StatusAccepted
VulDB entry354336 [code-projects Simple Gym Management System 1.0 Payment sql injection]
Points20

Do you know our Splunk app?

Download it now for free!