CVE-2025-11592 | CodeAstro Gym Management System 1.0 edit-equipmentform.php ID sql injection

Inserito da Angelo Barbosa | Ott 10, 2025 | CVE

A vulnerability was found in CodeAstro Gym Management System 1.0 and classified as critical. This affects an unknown part of the file /admin/edit-equipmentform.php. The manipulation of the argument ID results in sql injection.

This vulnerability is reported as CVE-2025-11592. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-11592 | CodeAstro Gym Management System 1.0 edit-equipmentform.php ID sql injection

Post correlati

CVE-2025-0637 | Beta10 /app/tools.html improper authentication

CVE-2024-47130 | goTenna Pro Series up to 1.6.1 Local Public Key missing authentication (icsa-24-270-04)

CVE-2024-8381 | Mozilla Firefox up to 129.x Property Name Lookup type confusion

CVE-2025-30761 | Oracle Java SE/GraalVM Enterprise Edition Scripting Remote Code Execution