CVE-2024-13007

A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2024-9038

A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. The attac...

CVE-2024-11661

A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file profile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. The...

CVE-2024-13025

A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument bookname/bookauthor leads to sql injection. It is possible to launch the attack remotely. T...

CVE-2024-12926

A vulnerability classified as critical was found in Codezips Project Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/forms/advanced.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The...

CVE-2024-10993

A vulnerability, which was classified as critical, was found in Codezips Online Institute Management System 1.0. Affected is an unknown function of the file /managewebsite.php. The manipulation of the argument websiteimage leads to unrestricted upload. It is possible to launch the attack remotely...

CVE-2024-10765

A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument oldimage leads to unrestricted upload. The attack can be initiated remotely. The exploit ha...

CVE-2024-10766

A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/saveuser.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated...

CVE-2024-10751

A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVE-2024-10426

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /animalsadd.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-29208

CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php...

CVE-2025-29208

CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php...

Codezips Gym Management System 安全漏洞

Codezips Gym Management System is an open source gym management system from Codezips. A security vulnerability exists in Codezips Gym Management System version 1.0, which originates from an SQL injection in the name parameter of dashboardadmindeleteoutine.php...

PT-2025-14374 · Codezips · Codezips Gym Management System

Name of the Vulnerable Software and Affected Versions: CodeZips Gym Management System version 1.0 Description: The issue concerns SQL injection in the name parameter within the "/dashboard/admin/deleteroutine.php" API endpoint. This allows for potential exploitation. Recommendations: For CodeZips...

CVE-2025-29208

CodeZips Gym Management System v1.0 is affected by an SQL injection in the name parameter of /dashboard/admin/deleteroutine.php. The CVE records a medium-severity issue (CVSS 6.5, Confidentiality/Integrity impact L, Availability impact N) with network attack vector, low complexity, no privileges,...

CVE-2025-29208

CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php...

CVE-2025-29208

CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php...

CVE-2025-2847

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/overmonth.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-2847

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/overmonth.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-2847

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/overmonth.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The...