CVE-2025-67147
Unknown Unknown - Not Provided
Multiple SQL Injection in Gym-Management-System PHP Enables Admin Takeover

Publication date: 2026-01-12

Last updated on: 2026-01-12

Assigner: MITRE

Description
Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in (1) submit_contact.php, the 'username' and 'pass_key' parameters in (2) secure_login.php, and the 'login_id', 'pwfield', and 'login_key' parameters in (3) change_s_pwd.php. An unauthenticated or authenticated attacker can exploit these issues to bypass authentication, execute arbitrary SQL commands, modify database records, delete data, or escalate privileges to administrator level.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-12
Last Modified
2026-01-12
Generated
2026-06-16
AI Q&A
2026-01-13
EPSS Evaluated
2026-06-14
NVD
CVE-2025-67147
EUVD
EUVD-2026-1915
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
amansuryawanshi gym-management-system-php 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability consists of multiple SQL Injection flaws in the Gym-Management-System-PHP application. Specifically, unsafe handling of user inputs in the 'submit_contact.php', 'secure_login.php', and 'change_s_pwd.php' files allows attackers to inject malicious SQL code. This happens because user inputs are directly concatenated into SQL queries without proper sanitization or use of prepared statements. As a result, attackers can bypass authentication, execute arbitrary SQL commands, modify or delete database records, and escalate privileges to administrator level. [1]

Impact Analysis

Exploitation of these SQL Injection vulnerabilities can lead to severe impacts including unauthorized authentication bypass (allowing attackers to gain admin access), extraction of sensitive user data, modification or deletion of database records, and privilege escalation from normal users to administrators. This compromises the confidentiality, integrity, and availability of the system and its data. [1]

Detection Guidance

This vulnerability can be detected by testing the vulnerable parameters for SQL Injection using crafted inputs. For example, sending POST requests with SQL injection payloads such as ' OR 1=1 -- to the parameters 'name', 'email', and 'comment' in submit_contact.php, or 'admin' OR '1'='1' -- in the username field of secure_login.php can reveal if the system is vulnerable. Commands using curl to test could be: 1. curl -X POST -d "name=' OR 1=1 --&[email protected]&message=test" http://yourserver/submit_contact.php 2. curl -X POST -d "username=admin' OR '1'='1' --&pass_key=any" http://yourserver/secure_login.php 3. curl -X POST -d "login_id=admin&pwfield=' OR 1=1 --&login_key=key" http://yourserver/change_s_pwd.php Observing successful authentication bypass or unexpected database changes indicates the presence of the vulnerability. [1]

Mitigation Strategies

Immediate mitigation steps include refactoring all database interactions to use prepared statements with parameter binding (e.g., mysqli_prepare() and mysqli_stmt_bind_param()) instead of directly concatenating user inputs into SQL queries. This prevents SQL injection by safely handling user inputs. Additionally, review and sanitize all inputs in submit_contact.php, secure_login.php, and change_s_pwd.php. Applying patches or updates that fix these issues, restricting access to these scripts, and monitoring for suspicious activity are also recommended. [1]

Compliance Impact

This vulnerability allows unauthorized attackers to bypass authentication, access sensitive user data, modify or delete database records, and escalate privileges to administrator level. Such unauthorized access and potential data breaches can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and ensuring data integrity and confidentiality. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67147. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart