CVE-2025-4362 | itsourcecode Gym Management System 1.0 ajax.php?action=save_membership member_id sql injection

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_membership. The manipulation of the argument member_id leads to sql injection.

This vulnerability was named CVE-2025-4362. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4362 | itsourcecode Gym Management System 1.0 ajax.php?action=save_membership member_id sql injection

Post correlati

CVE-2024-50861 | GestiolP 3.5.7 ip_mod_dns_key_form.cgi TSIG Key cross site scripting

CVE-2024-11961 | Guangzhou Huayi Intelligent Technology Jeewms 3.7 WmOmNoticeHController.java preHandle request information disclosure

CVE-2024-0537 | Tenda W9 1.0.0.7(4456) httpd setWrlBasicInfo ssidIndex stack-based overflow

CVE-2024-32491 | Znuny up to 7.0.16 DB.pm FormIDAddFile Filename unrestricted upload (ZSA-2024-01)