Gym Management System Project Login page has SQL injection
College Attendance System (CAS) Released by SourceCodester Has SQL Injection in the admin login page and the add coach page
An attacker can obtain database information and modify the database content through this vulnerability, which is extremely harmful.
There is sql injection in the following paths
The following paths have post-type injection
/mygym/admin/login.php
The following paths have get-tpye injection
/mygym/admin/index.php?edit_tran
sql post-type injection
The admin login page is as follows
There are 2 fields with injection points
admin_email
admin_pass
sql get-type injection
The /mygym/admin/index.php?edit_tran page is as follows
LINK
https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html






