CVE-2025-13172 | CodeAstro Gym Management System 1.0 view-member-report.php ID sql injection

Inserito da Angelo Barbosa | Nov 14, 2025 | CVE

A vulnerability was found in CodeAstro Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/view-member-report.php. Performing manipulation of the argument ID results in sql injection.

This vulnerability was named CVE-2025-13172. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2025-13172 | CodeAstro Gym Management System 1.0 view-member-report.php ID sql injection

Post correlati

CVE-2024-37241 | Automattic WP Job Manager Plugin up to 2.1.0 on WordPress cross-site request forgery

CVE-2023-38018 | IBM Aspera Shares 1.10.0 PL2 Password Change session fixiation (XFDB-260574)

CVE-2023-48023 | Anyscale Ray 2.6.3/2.8.0 /log_proxy server-side request forgery

CVE-2024-3020 | shapedplugin Carousel, Slider, Gallery by WP Carousel Plugin up to 2.6.3 on WordPress shortcode deserialization