Sourcecodester · Sourcecodester Gym Management System · CVE-2022-2708
**Name of the Vulnerable Software and Affected Versions**
SourceCodester Gym Management System (affected versions not specified)
**Description**
A critical issue was found in the SourceCodester Gym Management System, affecting an unknown part of the file login.php. The manipulation of the `user login` argument with a specific input leads to SQL injection. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.