7.3 CVE-2025-9156
Exploit
A vulnerability was found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/sports.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
https://nvd.nist.gov/vuln/detail/CVE-2025-9156
Categories
CWE-74
References
cna@vuldb.com Exploit
| https://github.com/kangsf1989/2025/issues/1 Exploit Issue Tracking Third Party Advisory |
| https://itsourcecode.com/ Product |
| https://vuldb.com/?ctiid.320536 Permissions Required VDB Entry |
| https://vuldb.com/?id.320536 Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.630274 Third Party Advisory VDB Entry |
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:a:angeljudesuarez:sports_management_system:1.0:*:*:*:*:*:*:* | ||
REMEDIATION
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
Other Nist (github, ...)
| Url |
|---|
| https://github.com/kangsf1989/2025/issues/1 |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
