Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username and password fields, enabling SQL Injection attacks.
History

Fri, 11 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 24 Sep 2024 15:30:00 +0000


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-09T00:00:00

Updated: 2024-10-10T15:57:30.213Z

Reserved: 2023-06-28T00:00:00

Link: CVE-2023-37068

cve-icon Vulnrichment

Updated: 2024-08-02T17:01:10.031Z

cve-icon NVD

Status : Modified

Published: 2023-08-09T20:15:10.497

Modified: 2024-11-21T08:11:02.477

Link: CVE-2023-37068

cve-icon Redhat

No data.