CVE-2025-11589 | CodeAstro Gym Management System 1.0 /admin/user-payment.php plan sql injection

Inserito da Angelo Barbosa | Ott 10, 2025 | CVE

A vulnerability, which was classified as critical, has been found in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/user-payment.php. Performing manipulation of the argument plan results in sql injection.

This vulnerability is cataloged as CVE-2025-11589. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-11589 | CodeAstro Gym Management System 1.0 /admin/user-payment.php plan sql injection

Post correlati

CVE-2024-3154 | cri-o Pod Annotation command injection

CVE-2025-44887 | Planet Technology FW-WGS-804HPT 1.305b241111 web_radiusSrv_post radIpkey stack-based overflow

CVE-2023-7068 | webtoffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Plugin Order Export authorization

CVE-2024-2801 | Shopkeeper Extender Plugin up to 3.5 on WordPress cross site scripting