125 matches found
CVE-2025-2847 Codezips Gym Management System over_month.php sql injection
A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/overmonth.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-2847
Codezips Gym Management System 1.0 contains a SQL injection vulnerability in /dashboard/admin/over_month.php caused by unsafe handling of the mm parameter. The issue is exploitable remotely and is publicly disclosed; it allows an attacker with network access to potentially impact confidentiality,...
CVE-2025-1854
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/delmember.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2025-1959
A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /changespwd.php. The manipulation of the argument loginid/loginkey leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-1959 Codezips Gym Management System change_s_pwd.php sql injection
A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /changespwd.php. The manipulation of the argument loginid/loginkey leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-1959 Codezips Gym Management System change_s_pwd.php sql injection
A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /changespwd.php. The manipulation of the argument loginid/loginkey leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-1959
CVE-2025-1959 affects Codezips Gym Management System 1.0. The vulnerability exists in an unknown function of /change_s_pwd.php, where manipulation of the login_id/login_key parameters enables SQL injection. Exploitation is remote, and multiple sources confirm public disclosure. No official patch/...
PT-2025-9717 · Unknown · Codezips Gym Management System
Name of the Vulnerable Software and Affected Versions: Codezips Gym Management System version 1.0 Description: A critical vulnerability was found in the Codezips Gym Management System. The issue affects an unknown function of the file /change s pwd.php. The manipulation of the login id argument...
CVE-2025-1856
A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/geninvoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...
CVE-2025-1856
A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/geninvoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...
CVE-2025-1856 Codezips Gym Management System gen_invoice.php sql injection
A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/geninvoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...
CVE-2025-1856 Codezips Gym Management System gen_invoice.php sql injection
A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/geninvoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...
CVE-2025-1856
CVE-2025-1856 affects Codezips Gym Management System 1.0. The vulnerability is an SQL injection in the /dashboard/admin/gen_invoice.php file, triggered by manipulating the id parameter. It can be exploited remotely and is labeled critical by sources. Public disclosures exist. Remediation/patch de...
CVE-2025-1854
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/delmember.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2025-1854
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/delmember.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2025-1854 Codezips Gym Management System del_member.php sql injection
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/delmember.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2025-1854
CVE-2025-1854 affects Codezips Gym Management System 1.0. The vulnerability is in the file /dashboard/admin/del_member.php where manipulation of the argument name leads to SQL injection. The issue is exploitable remotely and has been disclosed publicly. Connected sources confirm a critical severi...
CVE-2025-1854 Codezips Gym Management System del_member.php sql injection
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/delmember.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2025-1380
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/delplan.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. The exploit...
CVE-2025-1380 Codezips Gym Management System del_plan.php sql injection
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/delplan.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. The exploit...