Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in (1) submit_contact.php, the 'username' and 'pass_key' parameters in (2) secure_login.php, and the 'login_id', 'pwfield', and 'login_key' parameters in (3) change_s_pwd.php. An unauthenticated or authenticated attacker can exploit these issues to bypass authentication, execute arbitrary SQL commands, modify database records, delete data, or escalate privileges to administrator level.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GYM-MANAGEMENT-SYSTEM 安全漏洞
Vulnerability Description
GYM-MANAGEMENT-SYSTEM是Abhishek S个人开发者的一个健身房管理系统。 GYM-MANAGEMENT-SYSTEM 1.0版本存在安全漏洞,该漏洞源于submit_contact.php中的name、email和comment参数,secure_login.php中的username和pass_key参数,以及change_s_pwd.php中的login_id、pwfield和login_key参数未经验证,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A