CVE-2020-29288: SQL Injection
First published: Wed Dec 02 2020(Updated: )
An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gym Management System Project Gym Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-29288?
CVE-2020-29288 is an SQL injection vulnerability discovered in the Gym Management System.
How does the vulnerability occur?
The vulnerability occurs in the manage_user.php file of the Gym Management System, specifically in the 'id' parameter of the GET request.
What is the severity of CVE-2020-29288?
CVE-2020-29288 has a severity rating of 9.8, which is considered critical.
How can I fix CVE-2020-29288?
To fix CVE-2020-29288, you should update the Gym Management System to a patched version or apply the necessary security measures to prevent SQL injection attacks.
Where can I find more information about CVE-2020-29288?
More information about CVE-2020-29288 can be found in the following references: [GitHub](https://github.com/BigTiger2020/Gym-Management-System/blob/main/README.md), [Exploit-DB](https://www.exploit-db.com/exploits/48936), [Source Codester](https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html).
- collector/nvd-index
- agent/weakness
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/gym management system project
- canonical/gym management system project gym management system
- version/gym management system project gym management system/1.0