CVE-2025-67147

Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in (1) submit_contact.php, the 'username' and 'pass_key' parameters in (2) secure_login.php, and the 'login_id', 'pwfield', and 'login_key' parameters in (3) change_s_pwd.php. An unauthenticated or authenticated attacker can exploit these issues to bypass authentication, execute arbitrary SQL commands, modify database records, delete data, or escalate privileges to administrator level.

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type | Values Removed | Values Added
Summary | | (es, translated) Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in (1) submit_contact.php, the 'username' and 'pass_key' parameters in (2) secure_login.php, and the 'login_id', 'pwfield', and 'login_key' parameters in (3) change_s_pwd.php. An unauthenticated or authenticated attacker can exploit these issues to bypass authentication, execute arbitrary SQL commands, modify database records, delete data, or escalate privileges to administrator level.

12 Jan 2026, 22:16

Type | Values Removed | Values Added
CVSS | v2 : unknown; v3 : unknown | v2 : unknown; v3 : 9.8
CWE | | CWE-89

12 Jan 2026, 21:15

Type | Values Removed | Values Added
New CVE | |

Information

Published : 2026-01-12 21:15

Updated : 2026-06-17 09:57


NVD link : CVE-2025-67147

Mitre link : CVE-2025-67147

CVE.ORG link : CVE-2025-67147


Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')