CVE-2023-5185

9.1 CRITICAL

📋 TL;DR

Gym Management System Project v1.0 has an insecure file upload vulnerability that allows authenticated attackers to upload malicious files and execute arbitrary code on the server. This affects all deployments of this specific software version.

💻 Affected Systems

Products:
  • Gym Management System Project
Versions: v1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authentication but default credentials may be used

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full server compromise allowing data theft, ransomware deployment, or use as an attack platform

🟠 Likely Case: Webshell installation leading to data exfiltration and lateral movement

🟢 If Mitigated: Limited impact with proper file upload restrictions and server hardening

🌐 Internet-Facing: HIGH - Directly exploitable via web interface
🏢 Internal Only: HIGH - Authenticated users can exploit from within network

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authentication but is straightforward once authenticated

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://projectworlds.in/

Restart Required: No

Instructions:

No official patch available. Consider replacing with alternative software or implementing workarounds.

🔧 Temporary Workarounds

File Upload Restriction (applies to: all)

Restrict file uploads to specific extensions and implement server-side validation. Modify profile/i.php to validate file extensions and MIME types.

Web Application Firewall (applies to: all)

Deploy WAF rules to block malicious file uploads. Configure the WAF to block uploads of executable files to profile/i.php.
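As an added illustration of the validation the first workaround describes (this is not code from Gym Management System Project), a PHP upload handler that allow-lists extensions, checks the content-detected MIME type against the extension, and stores the file under a server-chosen random name outside the web root. The form field name `image` and the directory `/var/www/gym_uploads` are assumptions.

```php
<?php
// Added example, not code from Gym Management System Project: a hardened upload
// handler showing the server-side checks the workaround calls for. The field
// name "image" and the upload directory are assumptions.
declare(strict_types=1);

const UPLOAD_DIR = '/var/www/gym_uploads';   // assumed path outside the document root
const MAX_BYTES  = 2 * 1024 * 1024;          // 2 MiB size cap
const ALLOWED    = [                          // extension => MIME type expected from content
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

// Validate one $_FILES entry; return the stored filename, or null if rejected.
// The client-supplied name is never reused: only its extension is read, and that
// extension must agree with the MIME type detected from the file's bytes.
function store_profile_image(array $file): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    if ($file['size'] > MAX_BYTES || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    // Allow-list the extension (case-insensitive) rather than block-listing bad ones.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED)) {
        return null;
    }
    // Detect the type from content; never trust the client-supplied $file['type'].
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($detected !== ALLOWED[$ext]) {
        return null;
    }
    // Server-chosen random name: no path traversal and no client-controlled extension.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        return null;
    }
    chmod($dest, 0644); // not executable; also disable PHP execution in UPLOAD_DIR
    return $name;
}

if (isset($_FILES['image'])) {
    $stored = store_profile_image($_FILES['image']);
    http_response_code($stored === null ? 400 : 200);
}
```

Serving the stored images through a separate read-only handler, rather than from a directory the web server will execute scripts in, closes the remaining path to code execution even if a check above is bypassed.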

🧯 If You Can't Patch

  • Remove or disable the profile/i.php upload functionality
  • Implement strict network segmentation and monitor for suspicious file uploads

🔍 How to Verify

Check if Vulnerable:

Check if Gym Management System Project v1.0 is installed and accessible at profile/i.php with file upload capability

Check Version:

Check application version in admin panel or source code

Verify Fix Applied:

Attempt to upload a malicious file (e.g., .php shell) and verify it's blocked or sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to profile/i.php
  • PHP file execution from upload directory

Network Indicators:

  • POST requests to profile/i.php with file uploads
  • Subsequent requests to uploaded files

SIEM Query:

source="web_logs" AND uri="/profile/i.php" AND method="POST" AND file_upload="true"
