CVE-2025-4464

7.3 HIGH

📋 TL;DR

This SQL injection vulnerability (rated 7.3 HIGH) in itsourcecode Gym Management System 1.0 allows a remote attacker to execute arbitrary SQL commands through the /ajax.php?action=save_plan endpoint, and therefore to read, modify, or delete database content. All deployments of version 1.0 that do not add their own input validation are affected.

💻 Affected Systems

Products:
  • itsourcecode Gym Management System
Versions: 1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /ajax.php?action=save_plan endpoint specifically

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, system takeover, or data destruction

🟠 Likely Case: Unauthorized data access and potential privilege escalation

🟢 If Mitigated: Limited impact with proper input validation and database permissions

🌐 Internet-Facing: HIGH - Remote exploitation possible without authentication
🏢 Internal Only: MEDIUM - Internal attackers could exploit if system is network-accessible

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit available on GitHub, requires minimal technical skill

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://itsourcecode.com/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add parameter validation to the save_plan function in ajax.php: validate the 'plan' parameter and rewrite the query that uses it as a prepared statement (parameterized query) instead of concatenating the raw value into SQL.

Web Application Firewall (applies to: all)

Deploy a WAF with SQL injection rules and configure it to block SQL injection patterns in requests to /ajax.php?action=save_plan.
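The following is an added example of the first workaround, not code from the Gym Management System or its vendor: a save_plan handler that validates the 'plan' parameter and binds it with PDO prepared statements instead of concatenating it into SQL. The table layout (plans: id, name, price), the 'price' field, the validation limits and the in-memory SQLite database are assumptions so the script runs on its own; inside ajax.php you would reuse the application's existing MySQL connection and schema.

```php
<?php
// Added example, not code from the Gym Management System itself: a hardened
// save_plan handler that binds the 'plan' parameter with PDO prepared
// statements instead of concatenating it into SQL. The table layout
// (plans: id, name, price), the 'price' field and the in-memory SQLite
// database are assumptions so the script runs on its own; in ajax.php you
// would reuse the application's existing MySQL connection and schema.

declare(strict_types=1);

// The vulnerable shape this replaces (hypothetical, shown for contrast only):
//   $sql = "INSERT INTO plans (name, price) VALUES ('" . $_POST['plan'] . "', " . $_POST['price'] . ")";
// A quote inside $_POST['plan'] ends the string literal and the rest of the
// input becomes SQL, which is the flaw CVE-2025-4464 describes.

function openDatabase(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE plans (id INTEGER PRIMARY KEY, name TEXT NOT NULL, price REAL NOT NULL)');
    return $pdo;
}

// Validation is the first layer: reject input the application never needs.
// The limits are assumptions; adjust them to the real form.
function validatePlanInput(array $input): array
{
    $name = $input['plan'] ?? null;
    if (!is_string($name) || $name === '' || strlen($name) > 100) {
        throw new InvalidArgumentException("'plan' must be a non-empty string of at most 100 bytes");
    }
    $price = filter_var($input['price'] ?? null, FILTER_VALIDATE_FLOAT);
    if ($price === false || $price < 0) {
        throw new InvalidArgumentException("'price' must be a non-negative number");
    }
    return ['name' => $name, 'price' => $price];
}

// The parameterized query is the decisive layer: the driver sends the SQL
// text and the values separately, so no value can change the statement.
function savePlan(PDO $pdo, array $input): int
{
    $clean = validatePlanInput($input);
    $stmt = $pdo->prepare('INSERT INTO plans (name, price) VALUES (:name, :price)');
    $stmt->bindValue(':name', $clean['name'], PDO::PARAM_STR);
    $stmt->bindValue(':price', $clean['price']);
    $stmt->execute();
    return (int) $pdo->lastInsertId();
}

function fetchPlanName(PDO $pdo, int $id): ?string
{
    $stmt = $pdo->prepare('SELECT name FROM plans WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

$pdo = openDatabase();

// The probe value from the "How to Verify" section is stored as plain data:
// its quotes never reach the SQL parser.
$id = savePlan($pdo, ['plan' => "1' OR '1'='1", 'price' => '19.99']);
echo "stored plan #$id as: " . fetchPlanName($pdo, $id) . "\n";

// Malformed input is rejected before any query runs.
try {
    savePlan($pdo, ['plan' => 'Gold', 'price' => 'free']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ' . $e->getMessage() . "\n";
}
```

When porting this to the application's MySQL connection, also set PDO::ATTR_EMULATE_PREPARES to false on the pdo_mysql handle so that the server, not the client library, performs the parameter binding; the in-memory SQLite driver used here does not expose that attribute, which is why the script does not set it.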

🧯 If You Can't Patch

  • Block external access to /ajax.php endpoint at network perimeter
  • Implement strict database user permissions with least privilege

🔍 How to Verify

Check if Vulnerable:

Test /ajax.php?action=save_plan with SQL injection payloads like plan=1' OR '1'='1

Check Version:

Check software version in admin panel or readme files

Verify Fix Applied:

Confirm that the save_plan handler in ajax.php uses parameterized queries, then re-test the endpoint with the same SQL injection payloads to confirm they no longer alter the query

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in web server logs
  • Multiple requests to /ajax.php?action=save_plan with special characters

Network Indicators:

  • SQL keywords in HTTP POST/GET parameters to vulnerable endpoint

SIEM Query:

source="web_logs" AND uri="/ajax.php" AND param="plan" AND (value CONTAINS "' OR" OR value CONTAINS "UNION" OR value CONTAINS "SELECT")
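As an added example, not part of the advisory, the scanner below applies the log and network indicators above (requests to /ajax.php?action=save_plan whose 'plan' value carries SQL fragments, and repeated hits from one source) to Apache/nginx combined-format access log lines, which is the same logic the SIEM query expresses. The log lines, IP addresses, user agents and the marker list are constructed for the demonstration.

```php
<?php
// Added example, not part of the advisory: a log scanner that applies the
// indicators above (requests to /ajax.php?action=save_plan whose 'plan'
// value carries SQL fragments) to combined-format access log lines.
// The log lines, IP addresses and user agents below are constructed.

declare(strict_types=1);

// Substrings the SIEM query looks for, matched case-insensitively against
// the URL-decoded 'plan' value. Extend the list to suit your environment.
const SQLI_MARKERS = ["' or", 'union', 'select'];

// Minimal combined-log parser: returns ip, method, path and status, or null.
function parseAccessLine(string $line): ?array
{
    $re = '/^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) /';
    if (preg_match($re, $line, $m) !== 1) {
        return null;
    }
    return ['ip' => $m[1], 'method' => $m[2], 'path' => $m[3], 'status' => (int) $m[4]];
}

// Returns the first marker found in $value, or null when the value is clean.
function matchSqliMarker(string $value): ?string
{
    foreach (SQLI_MARKERS as $marker) {
        if (stripos($value, $marker) !== false) {
            return $marker;
        }
    }
    return null;
}

// Scans log lines and returns alerts plus a per-source hit count, so that
// repeated probing of the endpoint from one address stands out.
function scanAccessLog(array $lines): array
{
    $alerts = [];
    $perSource = [];
    foreach ($lines as $lineNo => $line) {
        $req = parseAccessLine($line);
        if ($req === null) {
            continue;
        }
        $path = parse_url($req['path'], PHP_URL_PATH);
        $query = parse_url($req['path'], PHP_URL_QUERY);
        if ($path !== '/ajax.php' || !is_string($query)) {
            continue;
        }
        parse_str($query, $params); // also percent-decodes the values
        if (($params['action'] ?? '') !== 'save_plan' || !isset($params['plan'])) {
            continue;
        }
        $plan = is_string($params['plan']) ? $params['plan'] : '';
        $marker = matchSqliMarker($plan);
        if ($marker === null) {
            continue;
        }
        $alerts[] = [
            'line' => $lineNo + 1,
            'ip' => $req['ip'],
            'status' => $req['status'],
            'marker' => $marker,
            'plan' => $plan,
        ];
        $perSource[$req['ip']] = ($perSource[$req['ip']] ?? 0) + 1;
    }
    return ['alerts' => $alerts, 'per_source' => $perSource];
}

// Constructed sample lines (not real traffic). Only GET parameters are visible
// in access logs; POST bodies need application-level logging or a WAF.
$sampleLog = [
    '203.0.113.7 - - [10/May/2025:10:01:02 +0000] "GET /ajax.php?action=save_plan&plan=Gold&price=30 HTTP/1.1" 200 17 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/May/2025:10:01:05 +0000] "GET /ajax.php?action=save_plan&plan=1%27%20OR%20%271%27%3D%271&price=30 HTTP/1.1" 200 17 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/May/2025:10:01:09 +0000] "GET /ajax.php?action=save_plan&plan=x%27%20UNION%20SELECT%201%2C2--%20&price=1 HTTP/1.1" 500 0 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/May/2025:10:02:11 +0000] "GET /index.php HTTP/1.1" 200 1024 "-" "curl/8.0"',
];

$result = scanAccessLog($sampleLog);
foreach ($result['alerts'] as $a) {
    printf("line %d: %s -> HTTP %d, marker %s in plan=%s\n",
        $a['line'], $a['ip'], $a['status'], var_export($a['marker'], true), $a['plan']);
}
foreach ($result['per_source'] as $ip => $n) {
    printf("%s: %d suspicious save_plan request(s)\n", $ip, $n);
}
```

Run it with the PHP CLI; the second and third sample lines are flagged and attributed to the same source, while the benign plan name and the unrelated request pass through. An HTTP 500 alongside a flagged value is worth correlating with the "unusual SQL errors" indicator in the application's error log.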
