CVE-2025-4363 | itsourcecode Gym Management System 1.0 ajax.php?action=end_membership rid sql injection

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=end_membership. The manipulation of the argument rid leads to sql injection.

The identification of this vulnerability is CVE-2025-4363. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4363 | itsourcecode Gym Management System 1.0 ajax.php?action=end_membership rid sql injection

Post correlati

CVE-2023-33115 | Qualcomm Snapdragon initialization

CVE-2024-8113 | pretix up to 2024.7.0 HTML Tag HTML injection

CVE-2024-41954 | FOGproject FOG prior 1.5.10.41 Setting /opt/fog/.fogsettings permission assignment

CVE-2024-47134 | Jtekt Electronics Kostac PLC Programming Software up to 1.6.14.0 KPP Project File Parser out-of-bounds write