CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1434 matches found

EUVD•added 2025/10/11 12:30 a.m.•5 views

EUVD-2025-33783

A vulnerability was identified in CodeAstro Gym Management System 1.0. This impacts an unknown function of the file /customer/index.php. Such manipulation of the argument fullname leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

6.5CVSS6.5AI score0.00304EPSS

Exploits1References6

CNNVD•added 2025/10/11 12:0 a.m.•4 views

CodeAstro Gym Management System SQL注入漏洞

CodeAstro Gym Management System is a gym management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Gym Management System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /admin/actions/delete-member.php, which could lead to a SQL...

8.8CVSS6.9AI score0.00304EPSS

Exploits1References5

CNNVD•added 2025/10/11 12:0 a.m.•3 views

CodeAstro Gym Management System SQL注入漏洞

CodeAstro Gym Management System is a gym management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Gym Management System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /admin/edit-equipmentform.php, which could lead to a SQL injectio...

8.8CVSS6.9AI score0.00346EPSS

Exploits1References5

CNNVD•added 2025/10/11 12:0 a.m.•3 views

CodeAstro Gym Management System SQL注入漏洞

8.8CVSS6.9AI score0.00304EPSS

Exploits1References5

Positive Technologies•added 2025/10/11 12:0 a.m.•4 views

PT-2025-41639

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A flaw exists in CodeAstro Gym Management System version 1.0 that allows for remote SQL injection. The issue is located in the file /admin/edit-equipmentform.php and involves manipulation...

6.5CVSS6.5AI score0.00346EPSS

Exploits1References9

Positive Technologies•added 2025/10/11 12:0 a.m.•4 views

PT-2025-41640

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A flaw exists in CodeAstro Gym Management System 1.0. The issue is related to SQL injection within the file /admin/actions/delete-equipment.php. Manipulation of the ID argument can trigge...

6.5CVSS6.5AI score0.00304EPSS

Exploits1References8

CNNVD•added 2025/10/11 12:0 a.m.•2 views

CodeAstro Gym Management System SQL注入漏洞

CodeAstro Gym Management System is a gym management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Gym Management System version 1.0, which stems from incorrect manipulation of the parameter ename in the file /admin/equipment-entry.php, which could lead to a SQL injectio...

8.8CVSS6.9AI score0.00304EPSS

Exploits1References5

Positive Technologies•added 2025/10/11 12:0 a.m.•4 views

PT-2025-41623

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A flaw exists in CodeAstro Gym Management System 1.0. This issue is related to an unknown functionality within the file /admin/equipment-entry.php. Manipulation of the ename argument may...

6.5CVSS6.4AI score0.00304EPSS

Exploits1References9

Positive Technologies•added 2025/10/11 12:0 a.m.•20 views

PT-2025-41638

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A security issue exists in CodeAstro Gym Management System 1.0. The issue involves the manipulation of the ID argument in the file /admin/actions/delete-member.php, leading to a SQL...

6.5CVSS6.2AI score0.00304EPSS

Exploits1References10

OSV•added 2025/10/10 10:15 p.m.•1 views

CVE-2025-11589

A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/user-payment.php. Performing a manipulation of the argument plan results in sql injection. It is possible to initiate the attack remotely. The exploit has been released t...

8.8CVSS5.8AI score0.00346EPSS

Exploits1References5

NVD•added 2025/10/10 10:15 p.m.•3 views

CVE-2025-11589

8.8CVSS0.00346EPSS

Exploits1References5

OSV•added 2025/10/10 10:15 p.m.•3 views

CVE-2025-11588

8.8CVSS5.8AI score0.00304EPSS

Exploits1References5

NVD•added 2025/10/10 10:15 p.m.•3 views

CVE-2025-11588

8.8CVSS0.00304EPSS

Exploits1References5

ATTACKERKB•added 2025/10/10 9:32 p.m.•3 views

CVE-2025-11589

8.8CVSS5.4AI score0.00346EPSS

Exploits1References5Affected Software1

CVE•added 2025/10/10 9:32 p.m.•10 views

CVE-2025-11589

CodeAstro Gym Management System 1.0 has a SQL injection in /admin/user-payment.php triggered by manipulating the plan parameter. The vulnerability is exploitable remotely and an exploit has been released publicly. The exact root cause is an insecure handling of the plan argument leading to SQL in...

8.8CVSS6.4AI score0.00346EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/10/10 9:32 p.m.•8 views

CVE-2025-11589 CodeAstro Gym Management System user-payment.php sql injection

6.5CVSS0.00346EPSS

Exploits1References5

Vulnrichment•added 2025/10/10 9:32 p.m.•9 views

CVE-2025-11589 CodeAstro Gym Management System user-payment.php sql injection

6.5CVSS6.4AI score0.00346EPSS

Exploits1References5

CVE•added 2025/10/10 9:32 p.m.•8 views

CVE-2025-11588

CodeAstro Gym Management System 1.0 contains a SQL injection in /customer/index.php caused by manipulating the fullname argument. The issue is exploitable remotely, with publicly available exploit material. Multiple connected sources consistently report the same root cause and impact, with CVEs a...

8.8CVSS6.4AI score0.00304EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/10/10 9:32 p.m.•11 views

CVE-2025-11588 CodeAstro Gym Management System index.php sql injection

6.5CVSS0.00304EPSS

Exploits1References5

Vulnrichment•added 2025/10/10 9:32 p.m.•10 views

CVE-2025-11588 CodeAstro Gym Management System index.php sql injection

6.5CVSS6.7AI score0.00304EPSS

Exploits1References5

Rows per page