Codeastro Gym Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Codeastro Gym Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Codeastro Gym Management System. Last year, in 2025 Gym Management System had 11 security vulnerabilities published. Right now, Gym Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 11 | 6.01 |
It may take a day or so for new Gym Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Codeastro Gym Management System Security Vulnerabilities
CodeAstro Gym MS 1.0 SQLi in /admin/view-member-report.php (remote)
CVE-2025-13172
6.3 - Medium
- November 14, 2025
A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/view-member-report.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
SQL Injection
SQLi in CodeAstro Gym Management System 1.0 /admin/view-progress-report.php
CVE-2025-12610
4.7 - Medium
- November 03, 2025
A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
SQL Injection
CodeAstro Gym Management 1.0 SQL Injection via /admin/update-progress.php
CVE-2025-12609
4.7 - Medium
- November 03, 2025
A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argument id/ini_weight results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.
SQL Injection
SQL Injection in CodeAstro GymMgmt 1.0 remove-announcement.php
CVE-2025-12261
6.3 - Medium
- October 27, 2025
A vulnerability was found in CodeAstro Gym Management System 1.0. This affects an unknown function of the file /admin/actions/remove-announcement.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
SQL Injection
SQLi in CodeAstro Gym Mgmt Sys 1.0 via /admin/actions/check-attendance.php (CVE-2025-12242)
CVE-2025-12242
6.3 - Medium
- October 27, 2025
A vulnerability has been found in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/actions/check-attendance.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in CodeAstro Gym Management 1.0 delete-equipment.php (remote)
CVE-2025-11593
6.3 - Medium
- October 11, 2025
A flaw has been found in CodeAstro Gym Management System 1.0. This vulnerability affects unknown code of the file /admin/actions/delete-equipment.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
SQL Injection
CodeAstro Gym Manager 1.0 Remote SQLi in /admin/edit-equipmentform.php
CVE-2025-11592
6.3 - Medium
- October 11, 2025
A vulnerability was detected in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/edit-equipmentform.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and may be used.
SQL Injection
Remote SQLi via ID in CodeAstro Gym Mgt Sys 1.0 delete-member.php
CVE-2025-11591
6.3 - Medium
- October 11, 2025
A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
SQL Injection
SQL Injection in CodeAstro Gym Management System 1.0 admin/equipment-entry.php
CVE-2025-11590
6.3 - Medium
- October 11, 2025
A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing a manipulation of the argument ename can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
SQL Injection
CodeAstro 1.0 - /admin/user-payment.php SQLI via plan param
CVE-2025-11589
6.3 - Medium
- October 10, 2025
A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/user-payment.php. Performing a manipulation of the argument plan results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
SQL Injection
SQLI in CodeAstro Gym Mgt Sys 1.0 via fullname in /customer/index.php
CVE-2025-11588
6.3 - Medium
- October 10, 2025
A vulnerability was identified in CodeAstro Gym Management System 1.0. This impacts an unknown function of the file /customer/index.php. Such manipulation of the argument fullname leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Codeastro Gym Management System or by Codeastro? Click the Watch button to subscribe.
