CVE-2025-12242 | CodeAstro Gym Management System 1.0 check-attendance.php ID sql injection

Inserito da Angelo Barbosa | Ott 26, 2025 | CVE

A vulnerability, which was classified as critical, was found in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/actions/check-attendance.php. Such manipulation of the argument ID leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-12242. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-12242 | CodeAstro Gym Management System 1.0 check-attendance.php ID sql injection

Post correlati

CVE-2024-57776 | JFinalOA 1.0.2 /apply/getEditPage?view cross site scripting

CVE-2024-10656 | Tongda OA 2017 up to 11.9 /pda/meeting/apply.php mr_id sql injection

CVE-2024-48352 | Yealink Meeting Server 26.0.0.66 Server Response Enterprise ID information disclosure

CVE-2024-37502 | wpweb WooCommerce Social Login Plugin up to 2.6.3 on WordPress deserialization