First published: Wed Dec 02 2020(Updated: )
An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gym Management System Project Gym Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-29288 is an SQL injection vulnerability discovered in the Gym Management System.
The vulnerability occurs in the manage_user.php file of the Gym Management System, specifically in the 'id' parameter of the GET request.
CVE-2020-29288 has a severity rating of 9.8, which is considered critical.
To fix CVE-2020-29288, you should update the Gym Management System to a patched version or apply the necessary security measures to prevent SQL injection attacks.
More information about CVE-2020-29288 can be found in the following references: [GitHub](https://github.com/BigTiger2020/Gym-Management-System/blob/main/README.md), [Exploit-DB](https://www.exploit-db.com/exploits/48936), [Source Codester](https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html).