VYPR
Unrated severityNVD Advisory· Published Jan 30, 2025· Updated Jan 30, 2025

Codezips Gym Management System updateplan.php sql injection

CVE-2025-0880

Description

A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/updateplan.php. The manipulation of the argument planid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.