GCVE - cpe:2.3:a:codezips:gym_management_system:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:codezips:gym_management_system:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Codezips (`d6987edb-dda5-55fa-ba47-db9343ba86ca`)
Product	Gym Management System (`eff23ff2-663d-5bac-858a-484f4611de30`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/codezips/gym-management-system-php`	purl2cpe	2026-06-01 10:17:56.095606

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-2847`	vulnerable	2026-06-03 15:00:26.653701	Codezips Gym Management System over_month.php sql injection MEDIUM (6.3) A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/over_month.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-03-27T13:00:19.885Z Updated: 2025-03-27T13:20:01.951Z Open on db.gcve.eu Reference links https://vuldb.com/?id.301493 https://vuldb.com/?ctiid.301493 https://vuldb.com/?submit.522330 https://www.yuque.com/baimatangseng-iyusa/qwwm81/zbefafzyl0of6g56?singleDoc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1959`	vulnerable	2026-06-03 14:59:06.870475	Codezips Gym Management System change_s_pwd.php sql injection HIGH (7.3) A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /change_s_pwd.php. The manipulation of the argument login_id/login_key leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-03-04T22:31:04.431Z Updated: 2025-04-02T20:49:26.630Z Open on db.gcve.eu Reference links https://vuldb.com/?id.298560 https://vuldb.com/?ctiid.298560 https://vuldb.com/?submit.510782 https://github.com/CContinueee/CVE/blob/main/CVE_1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1856`	vulnerable	2026-06-03 14:59:06.681669	Codezips Gym Management System gen_invoice.php sql injection HIGH (7.3) A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/gen_invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-03-03T07:31:06.276Z Updated: 2025-03-03T14:26:02.394Z Open on db.gcve.eu Reference links https://vuldb.com/?id.298124 https://vuldb.com/?ctiid.298124 https://vuldb.com/?submit.506107 https://github.com/smartttt1/CVE/blob/main/CVE_1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1854`	vulnerable	2026-06-03 14:59:06.680524	Codezips Gym Management System del_member.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/del_member.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-03-03T06:31:04.518Z Updated: 2025-03-03T15:55:29.875Z Open on db.gcve.eu Reference links https://vuldb.com/?id.298122 https://vuldb.com/?ctiid.298122 https://vuldb.com/?submit.506053 https://github.com/yhj09/CVE/blob/main/CVE_1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1380`	vulnerable	2026-06-03 14:59:05.305133	Codezips Gym Management System del_plan.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/del_plan.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-02-17T07:00:15.364Z Updated: 2025-02-18T19:32:08.675Z Open on db.gcve.eu Reference links https://vuldb.com/?id.295988 https://vuldb.com/?ctiid.295988 https://vuldb.com/?submit.501980 https://www.yuque.com/polaris-pisym/aevk1q/fdkeqw2a2ug9zohn	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1206`	vulnerable	2026-06-03 14:58:58.003284	Codezips Gym Management System viewdetailroutine.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /dashboard/admin/viewdetailroutine.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-02-12T15:00:11.640Z Updated: 2025-02-12T15:15:05.152Z Open on db.gcve.eu Reference links https://vuldb.com/?id.295143 https://vuldb.com/?ctiid.295143 https://vuldb.com/?submit.496961 https://github.com/sekaino-sakura/CVE/blob/main/CVE_1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1188`	vulnerable	2026-06-03 14:58:57.981587	Codezips Gym Management System updateroutine.php sql injection MEDIUM (6.3) A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/updateroutine.php. The manipulation of the argument tid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-02-12T09:00:10.434Z Updated: 2025-02-18T17:38:13.914Z Open on db.gcve.eu Reference links https://vuldb.com/?id.295094 https://vuldb.com/?ctiid.295094 https://vuldb.com/?submit.496409 https://github.com/takakie/CVE/blob/main/cve_1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-1183`	vulnerable	2026-06-03 14:58:57.973592	CodeZips Gym Management System more-userprofile.php sql injection MEDIUM (6.3) A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/more-userprofile.php. The manipulation of the argument login_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-02-12T06:58:30.355Z Updated: 2025-02-18T17:42:17.794Z Open on db.gcve.eu Reference links https://vuldb.com/?id.295087 https://vuldb.com/?ctiid.295087 https://vuldb.com/?submit.495410 https://www.yuque.com/polaris-pisym/aevk1q/fyu4dy8fglbs6rzy	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0881`	vulnerable	2026-06-03 14:58:33.102905	Codezips Gym Management System saveroutine.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/saveroutine.php. The manipulation of the argument rname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-30T20:31:11.269Z Updated: 2025-01-30T21:21:00.332Z Open on db.gcve.eu Reference links https://vuldb.com/?id.294126 https://vuldb.com/?ctiid.294126 https://vuldb.com/?submit.489192 https://github.com/wizdzz/CVE/issues/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0880`	vulnerable	2026-06-03 14:58:33.102511	Codezips Gym Management System updateplan.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/updateplan.php. The manipulation of the argument planid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-30T20:31:08.278Z Updated: 2025-01-30T21:21:39.243Z Open on db.gcve.eu Reference links https://vuldb.com/?id.294125 https://vuldb.com/?ctiid.294125 https://vuldb.com/?submit.488716 https://www.yuque.com/u21735104/brookes/za83ilxr9g2fkv8b	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0803`	vulnerable	2026-06-03 14:58:32.964048	Codezips Gym Management System submit_plan_new.php sql injection HIGH (7.3) A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/submit_plan_new.php. The manipulation of the argument planid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-29T02:00:16.161Z Updated: 2025-02-12T19:51:15.520Z Open on db.gcve.eu Reference links https://vuldb.com/?id.293924 https://vuldb.com/?ctiid.293924 https://vuldb.com/?submit.485218 https://github.com/alc9700jmo/CVE/issues/8	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0562`	vulnerable	2026-06-03 14:58:32.430311	Codezips Gym Management System health_status_entry.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/health_status_entry.php. The manipulation of the argument usrid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-19T01:00:08.392Z Updated: 2025-01-21T20:31:08.238Z Open on db.gcve.eu Reference links https://vuldb.com/?id.292523 https://vuldb.com/?ctiid.292523 https://vuldb.com/?submit.484184 https://github.com/LiuSir5211314/-sir/issues/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0541`	vulnerable	2026-06-03 14:58:32.402604	Codezips Gym Management System edit_member.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/edit_member.php. The manipulation of the argument name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Published: 2025-01-17T21:31:05.006Z Updated: 2025-01-17T21:43:06.350Z Open on db.gcve.eu Reference links https://vuldb.com/?id.292433 https://vuldb.com/?ctiid.292433 https://vuldb.com/?submit.480220 https://github.com/nbeisss/CVE/issues/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0535`	vulnerable	2026-06-03 14:58:32.391167	Codezips Gym Management System edit_mem_submit.php sql injection MEDIUM (6.3) A vulnerability classified as critical has been found in Codezips Gym Management System 1.0. This affects an unknown part of the file /dashboard/admin/edit_mem_submit.php. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-17T19:00:16.943Z Updated: 2025-01-21T16:42:16.581Z Open on db.gcve.eu Reference links https://vuldb.com/?id.292419 https://vuldb.com/?ctiid.292419 https://vuldb.com/?submit.479159 https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0532`	vulnerable	2026-06-03 14:58:32.386529	Codezips Gym Management System new_submit.php sql injection MEDIUM (6.3) A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/new_submit.php. The manipulation of the argument m_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-17T17:31:04.437Z Updated: 2025-01-21T15:54:09.836Z Open on db.gcve.eu Reference links https://vuldb.com/?id.292416 https://vuldb.com/?ctiid.292416 https://vuldb.com/?submit.479100 https://github.com/TIANN0/CVE/issues/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-0231`	vulnerable	2026-06-03 14:58:24.047114	Codezips Gym Management System submit_payments.php sql injection MEDIUM (6.3) A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/submit_payments.php. The manipulation of the argument m_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-01-05T21:31:05.496Z Updated: 2025-01-06T14:53:58.595Z Open on db.gcve.eu Reference links https://vuldb.com/?id.290227 https://vuldb.com/?ctiid.290227 https://vuldb.com/?submit.474596 https://github.com/gh464646/CVE/issues/1	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.