CVE-2025-11591 | CodeAstro Gym Management System 1.0 delete-member.php ID sql injection

Inserito da Angelo Barbosa | Ott 10, 2025 | CVE

A vulnerability has been found in CodeAstro Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is documented as CVE-2025-11591. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-11591 | CodeAstro Gym Management System 1.0 delete-member.php ID sql injection

Post correlati

CVE-2025-24575 | HelloAsso Plugin up to 1.1.11 on WordPress cross site scripting

CVE-2015-10140 | Darren Cooney Ajax Load More Plugin prior 2.8.1.2 on WordPress authorization

CVE-2025-39720 | Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2 ksmbd ksmbd_conn_releasing reference count

CVE-2025-11662 | SourceCodester Best Salon Management System 1.0 /booking.php serv_id sql injection