CNNVD-202601-1809 Information

CNNVD ID

CNNVD-202601-1809

Related CVE

CVE-2025-67147

• CNNVD Published: 2026-01-12

Description (Chinese)

GYM-MANAGEMENT-SYSTEM是Abhishek S个人开发者的一个健身房管理系统。 GYM-MANAGEMENT-SYSTEM 1.0版本存在安全漏洞，该漏洞源于submit_contact.php中的name、email和comment参数，secure_login.php中的username和pass_key参数，以及change_s_pwd.php中的login_id、pwfield和login_key参数未经验证，可能导致SQL注入攻击。

Description (English)

GYM-MANAGEMENT-SYSTEM is a gymnasium management system for Abhishek S personal developers. There is a security loophole in version 1.0 of GYM-MANAGEMENT-SYSTEM, which is derived from the name, email and input parameters in submit contact.php, security login.php username and pass key parameters, and the login id, pwfield and login key parameters in Change s pwd.php, which could lead to an attack by SQL injection.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-12

Last Modified

2026-02-24

References

https://github.com/amansuryawanshi/Gym-Management-System-PHP/issues/3 https://access.redhat.com/security/cve/cve-2025-67147