Gym Management System
Approved changes feed: RSS · Atom
cpe:2.3:a:codeastro:gym_management_system:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Codeastro (f92dc1fe-f2d7-58ad-92b0-40a98a9042be) |
|---|---|
| Product | Gym Management System (4e3e2f7e-ab94-5e8c-a87b-b0969afda9fb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-13172 |
vulnerable | 2026-06-03 14:58:45.647564 |
CodeAstro Gym Management System view-member-report.php sql injection
MEDIUM (6.3)
A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/view-member-report.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
Published: 2025-11-14T18:02:06.388Z
Updated: 2026-02-24T06:27:54.665Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12610 |
vulnerable | 2026-06-03 14:58:44.598576 |
CodeAstro Gym Management System view-progress-report.php sql injection
MEDIUM (4.7)
A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Published: 2025-11-03T01:32:06.052Z
Updated: 2026-02-24T06:21:34.772Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12609 |
vulnerable | 2026-06-03 14:58:44.598128 |
CodeAstro Gym Management System update-progress.php sql injection
MEDIUM (4.7)
A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argument id/ini_weight results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.
Published: 2025-11-03T01:02:06.847Z
Updated: 2026-02-24T06:21:22.768Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12261 |
vulnerable | 2026-06-03 14:58:44.052177 |
CodeAstro Gym Management System remove-announcement.php sql injection
MEDIUM (6.3)
A vulnerability was found in CodeAstro Gym Management System 1.0. This affects an unknown function of the file /admin/actions/remove-announcement.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
Published: 2025-10-27T10:02:14.597Z
Updated: 2026-02-24T07:10:25.573Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12242 |
vulnerable | 2026-06-03 14:58:44.026326 |
CodeAstro Gym Management System check-attendance.php sql injection
MEDIUM (6.3)
A vulnerability has been found in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/actions/check-attendance.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-10-27T07:02:14.435Z
Updated: 2026-02-24T07:09:29.025Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11593 |
vulnerable | 2026-06-03 14:58:42.732511 |
CodeAstro Gym Management System delete-equipment.php sql injection
MEDIUM (6.3)
A flaw has been found in CodeAstro Gym Management System 1.0. This vulnerability affects unknown code of the file /admin/actions/delete-equipment.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
Published: 2025-10-11T07:02:05.897Z
Updated: 2026-02-24T06:58:46.160Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11592 |
vulnerable | 2026-06-03 14:58:42.732097 |
CodeAstro Gym Management System edit-equipmentform.php sql injection
MEDIUM (6.3)
A vulnerability was detected in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/edit-equipmentform.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and may be used.
Published: 2025-10-11T06:32:06.416Z
Updated: 2026-02-24T06:58:33.507Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11591 |
vulnerable | 2026-06-03 14:58:42.731674 |
CodeAstro Gym Management System delete-member.php sql injection
MEDIUM (6.3)
A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
Published: 2025-10-11T05:02:06.905Z
Updated: 2026-02-24T06:58:19.627Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11590 |
vulnerable | 2026-06-03 14:58:42.731330 |
CodeAstro Gym Management System equipment-entry.php sql injection
MEDIUM (6.3)
A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing a manipulation of the argument ename can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Published: 2025-10-11T01:02:07.340Z
Updated: 2026-02-24T06:58:06.841Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11589 |
vulnerable | 2026-06-03 14:58:42.730865 |
CodeAstro Gym Management System user-payment.php sql injection
MEDIUM (6.3)
A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/user-payment.php. Performing a manipulation of the argument plan results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
Published: 2025-10-10T21:32:09.530Z
Updated: 2026-02-24T06:57:52.805Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11588 |
vulnerable | 2026-06-03 14:58:42.729371 |
CodeAstro Gym Management System index.php sql injection
MEDIUM (6.3)
A vulnerability was identified in CodeAstro Gym Management System 1.0. This impacts an unknown function of the file /customer/index.php. Such manipulation of the argument fullname leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
Published: 2025-10-10T21:32:06.853Z
Updated: 2026-02-24T06:57:39.019Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.