Gym Management System Project
by Gym Management System Project
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-29288 | Cri | 0.64 | 9.8 | 0.03 | Dec 2, 2020 | An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. | ||
| CVE-2023-5185 | Cri | 0.59 | 9.1 | 0.01 | Sep 28, 2023 | Gym Management System Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'file' parameter of profile/i.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application. | ||
| CVE-2022-46062 | Med | 0.29 | 4.5 | 0.00 | Dec 13, 2022 | Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF). |
- risk 0.64cvss 9.8epss 0.03
An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.
- risk 0.59cvss 9.1epss 0.01
Gym Management System Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'file' parameter of profile/i.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.
- risk 0.29cvss 4.5epss 0.00
Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).