PT-2025-20586 · Unknown · Itsourcecode Farm Management System

Wyl091256

Publicado

2025-05-09

Atualizado

2025-12-22

CVE-2025-4483

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions itsourcecode Gym Management System version 1.0

Description A critical issue has been found in the itsourcecode Gym Management System, affecting some unknown functionality of the file /view pdetails.php. The manipulation of the ID argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For itsourcecode Gym Management System version 1.0, consider restricting access to the /view pdetails.php file until a patch is available. As a temporary workaround, avoid using the ID parameter in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Special Elements Injection

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74CWE-89

Identificadores relacionados

CVE-2025-4483

Produtos afetados

Itsourcecode Farm Management System

PT-2025-20586 · Unknown · Itsourcecode Farm Management System

CVE-2025-4483

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14