CVE Alert: CVE-2025-12242 – CodeAstro – Gym Management System

CVE-2025-12242

MEDIUM | No exploitation known | PoC observed

A vulnerability has been found in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/actions/check-attendance.php. Manipulation of the argument ID leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS v3.1: 6.3
Vendor: CodeAstro
Product: Gym Management System
Versions: 1.0
CWE: CWE-89, SQL Injection
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Published: 2025-10-27T07:02:14.435Z
Updated: 2025-10-27T18:01:44.703Z

AI Summary Analysis

Risk verdict

Medium risk; remote SQL injection with publicly available PoC; patch promptly recommended.

Why this matters

The flaw allows an attacker to read or modify data from the application’s database without authentication, potentially exposing personal information and undermining attendance integrity. Depending on the stored data, this can affect regulatory compliance, reporting accuracy, and trust in the system; exploitation could disrupt day-to-day operations for a gym or chain.

Most likely attack path

  • Exploitation is network-based, needs no user interaction and requires only low-privilege credentials (AV:N, AC:L, PR:L, UI:N, S:U).
  • An attacker supplies a crafted ID to /admin/actions/check-attendance.php, taking advantage of a vulnerable SQL query to exfiltrate or modify data.
  • Because scope is unchanged (S:U), the direct impact is confined to the application’s database; even so, compromise of attendance data can lead to broader exposure if that database also holds other records.

Who is most exposed

Small-to-medium gym management deployments that expose the admin interface to the internet or run on default hosting configurations are most at risk; on-premises or lightweight hosting without strict access controls is a common pattern among them.

Detection ideas

  • Look for suspicious input in the ID parameter of requests to check-attendance.php (unexpected length or special characters).
  • SQL error messages or abnormal database error traces in app logs.
  • WAF alerts or IDS signatures targeting SQLi patterns on the attendance endpoint.
  • Sudden spikes or unusual access from external IPs to the admin path.
  • PoC-like payloads observed in traffic or logs (e.g., attempts containing 1=1, UNION SELECT).
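The log checks in the list above, expressed as a small scanner, are an added example for this advisory and not part of it. It assumes combined-format web-server access logs, that the ID argument travels in the query string, and a ten-character ceiling for a legitimate ID; the log lines, client addresses (documentation ranges) and indicator patterns are constructed for the example.

```python
"""Scan web-server access logs for suspicious values of the ID argument sent to
/admin/actions/check-attendance.php. Added example for this advisory; the log
format, parameter location and thresholds are assumptions, not project facts."""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

ENDPOINT = "/admin/actions/check-attendance.php"  # path named in the advisory
PARAM = "id"          # the advisory's argument "ID", compared case-insensitively
MAX_ID_LEN = 10       # assumption: a legitimate numeric ID is short

# Indicators from the advisory's detection ideas (1=1, UNION SELECT) plus the
# usual SQL comment and time-based tokens; searched in the decoded value.
SQLI_PATTERNS = [
    (re.compile(r"\bunion\b.*\bselect\b", re.I), "union-select"),
    (re.compile(r"\b(or|and)\b\s*['\"]?\s*\d+\s*['\"]?\s*=\s*['\"]?\s*\d+", re.I), "tautology"),
    (re.compile(r"(--|#|/\*)"), "sql-comment"),
    (re.compile(r"\b(sleep|benchmark)\s*\(", re.I), "time-based"),
]

# Apache/nginx "combined" log line: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log (documentation IP ranges); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [27/Oct/2025:10:15:01 +0000] "GET /admin/actions/check-attendance.php?ID=42 HTTP/1.1" 200 512
203.0.113.5 - - [27/Oct/2025:10:15:04 +0000] "GET /admin/actions/check-attendance.php?ID=42%27%20OR%201%3D1--%20 HTTP/1.1" 200 9876
198.51.100.7 - - [27/Oct/2025:10:16:10 +0000] "GET /admin/actions/check-attendance.php?ID=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 500 230
192.0.2.9 - - [27/Oct/2025:10:17:00 +0000] "GET /admin/index.php HTTP/1.1" 200 1024
198.51.100.7 - - [27/Oct/2025:10:18:33 +0000] "POST /admin/actions/check-attendance.php HTTP/1.1" 302 0
"""


def analyze_line(line: str):
    """Return a finding for a suspicious request to the endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("path"))
    if url.path != ENDPOINT:
        return None
    params = parse_qs(url.query, keep_blank_values=True)
    values = [v for k, vs in params.items() if k.lower() == PARAM for v in vs]
    if not values:
        return None  # no ID in the URL (e.g. sent in a POST body, which access logs omit)
    reasons = []
    for value in values:
        value = unquote_plus(value)  # second decode catches double-encoded payloads
        if not value.isdigit():
            reasons.append("non-numeric")
        if len(value) > MAX_ID_LEN:
            reasons.append("too-long")
        for pattern, label in SQLI_PATTERNS:
            if pattern.search(value):
                reasons.append(label)
    if not reasons:
        return None
    return {"ip": m.group("ip"), "ts": m.group("ts"), "status": m.group("status"),
            "method": m.group("method"), "value": values[0], "reasons": reasons}


def scan_log(text: str) -> list:
    """Run analyze_line over every non-blank line and collect the findings."""
    findings = []
    for line in text.splitlines():
        if line.strip():
            finding = analyze_line(line)
            if finding:
                findings.append(finding)
    return findings


def findings_by_ip(findings: list) -> dict:
    """Count findings per client IP; repeated hits from one source are the
    'repeated attempts' signal the advisory suggests monitoring for."""
    counts = {}
    for f in findings:
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    results = scan_log(SAMPLE_LOG)
    for f in results:
        print(f'{f["ts"]} {f["ip"]} HTTP {f["status"]} ID={f["value"]!r} -> {", ".join(f["reasons"])}')
    print(findings_by_ip(results))
```

Two caveats the sample shows: a POST request to the endpoint carries its ID in the body, which access logs do not record, so that variant needs application-level logging or WAF inspection; and a 500 status on the endpoint is the access-log counterpart of the "database error traces" idea above, worth correlating with the application log at the same timestamp.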

Mitigation and prioritisation

  • Apply the patch or upgrade to the fixed release; confirm that the deployed version is the remediated one.
  • Convert the vulnerable code to parameterised queries/prepared statements and validate the ID argument before it reaches the query.
  • Apply least-privilege DB accounts and restrict the admin endpoint behind VPN or IP allow-lists.
  • Implement or tune a WAF with SQL injection rules for the attendance API; monitor for repeated attempts.
  • Establish change-management testing in a staging environment before production rollout.
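To make the second item concrete, here is an added example that is not CodeAstro's code (the application is PHP, where the equivalent fix is a prepared statement through mysqli or PDO). It uses Python with an in-memory SQLite table standing in for the attendance table; the schema, row contents and function names are constructed for the example. It puts the string-built query beside two hardened forms: parameter binding alone, and binding plus integer validation.

```python
"""Vulnerable string-built query beside its parameterised replacement, run
against an in-memory SQLite table standing in for the attendance table.
Added example for this advisory; not CodeAstro's code (which is PHP)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data; the schema and names are assumptions."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE attendance (id INTEGER PRIMARY KEY, member TEXT, checked_in INTEGER)"
    )
    conn.executemany(
        "INSERT INTO attendance VALUES (?, ?, ?)",
        [(1, "alice", 1), (2, "bob", 0), (3, "carol", 1)],
    )
    return conn


def check_attendance_vulnerable(conn: sqlite3.Connection, raw_id: str) -> list:
    """The CWE-89 pattern: the request argument is spliced into the SQL text,
    so whatever the client sends becomes part of the query."""
    sql = "SELECT id, member, checked_in FROM attendance WHERE id = " + raw_id
    return conn.execute(sql).fetchall()


def check_attendance_bound_only(conn: sqlite3.Connection, raw_id: str) -> list:
    """Parameter binding alone: the value is sent separately from the SQL text,
    so it can only ever be compared against the column, never executed."""
    sql = "SELECT id, member, checked_in FROM attendance WHERE id = ?"
    return conn.execute(sql, (raw_id,)).fetchall()


def check_attendance_safe(conn: sqlite3.Connection, raw_id: str) -> list:
    """Binding plus input validation: reject anything that is not an integer
    before it reaches the database at all."""
    if not raw_id.isdigit():
        raise ValueError("ID must be a positive integer")
    sql = "SELECT id, member, checked_in FROM attendance WHERE id = ?"
    return conn.execute(sql, (int(raw_id),)).fetchall()


def run_demo() -> dict:
    """Exercise all three variants with a legitimate ID and a tautology input."""
    conn = make_db()
    payload = "2 OR 1=1"  # the 1=1 pattern the advisory's detection ideas mention
    result = {
        "vulnerable_normal": check_attendance_vulnerable(conn, "2"),
        "vulnerable_payload_rows": len(check_attendance_vulnerable(conn, payload)),
        "bound_payload_rows": len(check_attendance_bound_only(conn, payload)),
        "safe_normal": check_attendance_safe(conn, "2"),
    }
    try:
        check_attendance_safe(conn, payload)
        result["safe_rejected"] = False
    except ValueError:
        result["safe_rejected"] = True
    return result


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The string-built query returns every row for the tautology input, because the input has become part of the WHERE clause. With binding, the same string is compared as a value against the integer column and matches nothing; validation on top of that turns a silent non-match into a rejected request, which is also the point at which the application can log the attempt for the detection ideas above.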
