CVE-2025-60311

High CVSS: 8.8

ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page

Vendor

Product

CWE

Yayın Tarihi

2025-10-08 20:15:35

Güncelleme

2025-10-16 15:27:57

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Gym Management System HIGH Projectworlds 2025

https://github.com/ChuckBartowski7/Vulnerability-Research/blob/main/CVE-2025-60311/README.md https://github.com/projectworldsofficial/Gym-Management-System-Project-in-PHP https://youtu.be/J_7G_AahgSw

Medium

CVE-2026-3757

A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an u…

Medium

CVE-2026-3758

A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown func…

Medium

CVE-2026-3759

A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of…

Medium

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of t…

High

CVE-2025-70147

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 all…

Critical

CVE-2025-70146

Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Genera…