CVE-2025-11588 CodeAstro Gym Management System index.php sql injection

A vulnerability was identified in CodeAstro Gym Management System 1.0. This impacts an unknown function of the file /customer/index.php. Such manipulation of the argument fullname leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2025-11588

CodeAstro Gym Management System 1.0 contains a SQL injection in /customer/index.php caused by manipulating the fullname argument. The issue is exploitable remotely, with publicly available exploit material. Multiple connected sources consistently report the same root cause and impact, with CVEs a...

PT-2025-41608

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A security flaw exists in CodeAstro Gym Management System 1.0. The issue involves a SQL injection impacting an unknown function within the /admin/user-payment.php file. Manipulation of th...

PT-2025-41607

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A flaw exists in CodeAstro Gym Management System 1.0 that allows for SQL injection. This occurs through manipulation of the fullname argument within the file '/customer/index.php'. The...