First published: Tue Aug 09 2022(Updated: )
A vulnerability was found in SourceCodester Gym Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /mygym/admin/index.php. The manipulation of the argument edit_tran leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205856.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Gym Management System Project Gym Management System |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-2728 is critical.
The affected software of CVE-2022-2728 is SourceCodester Gym Management System.
The vulnerability type of CVE-2022-2728 is SQL injection.
The SQL injection vulnerability in SourceCodester Gym Management System can be exploited remotely by manipulating the 'edit_tran' argument in the '/mygym/admin/index.php' file.
Yes, you can find references for CVE-2022-2728 [here](https://github.com/Blythe-LU/Record2/blob/main/Gym%20Management%20System%20Project%20-%20SQL%20injection.md) and [here](https://vuldb.com/?id.205856).