CVE-2025-0880 | Codezips Gym Management System 1.0 updateplan.php planid sql injection

Posted by Angelo Barbosa | Jan 30, 2025 | CVE

A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/updateplan.php. The manipulation of the argument planid leads to sql injection.

The identification of this vulnerability is CVE-2025-0880. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-0880 | Codezips Gym Management System 1.0 updateplan.php planid sql injection

Related Posts

CVE-2024-38140 | Microsoft Windows up to Server 2022 23H2 Reliable Multicast Transport Driver use after free

CVE-2024-50086 | Linux Kernel up to 6.1.113/6.6.57/6.11.4 ksmbd session_lock use after free

CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

CVE-2023-52605 | Linux Kernel up to 6.7.3 on NULL ACPI acpi_extlog.c extlog_exit null pointer dereference