CVE-2025-0803

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 29, 2025

Updated: Feb 11, 2025

CWE ID 74

CWE ID 89

Summary

CVE-2025-0803 is a critical vulnerability affecting the Codezips Gym Management System 1.0. This issue lies in an unspecified functionality of the /dashboard/admin/submit_plan_new.php file. An attacker can exploit this vulnerability by manipulating the planid argument for sql injection attacks. These assaults can be carried out remotely, and the exploit has been made public, increasing the risk of potential harm.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Gym Management System

Affected Vendors

Codezips

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/23nXAv
https://www.cve.org/CVERecord?id=CVE-2025-0803
https://nvd.nist.gov/vuln/detail/CVE-2025-0803

Back to Vulnerability Database