CVE-2025-4488 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4488

Published : May 9, 2025, 8:15 p.m. | 4 hours, 3 minutes ago

Description : A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_package. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Element is not identifed in the second test method

June 19, 2024

I have a strange behavior : I created Test Class with 2 Test Methods as below.
When I call AddLimitedBuyOrderwithRandom in the first method it works fine without any exception, but if I call AddLimitedBuyOrderwithRandom from the second method I get a NoSuchElement exception.
This is the code for the test class:
public class TestLoginPage extends TestBase {
public HomePage homeobject;
public NewOrdersLoginPage OrderLoginObject;
public OrderMgmtPage OrdersMgmentObject;

@Test
public void SuccessLogin() throws InterruptedException
{
homeobject = new HomePage(driver);
homeobject.OpenOrdersPage();
OrderLoginObject = new NewOrdersLoginPage(driver);
OrderLoginObject.userLogin(“140”, “12345”);
OrdersMgmentObject = new OrderMgmtPage(driver);
OrdersMgmentObject.AddLimitedBuyOrderwithRandom(“10”);
}

@Test(enabled= true)
public void AddLimitOrderTest() throws InterruptedException
{
OrdersMgmentObject = new OrderMgmtPage(driver);
OrdersMgmentObject.AddLimitedBuyOrderwithRandom(“10”);
}
}

and this is the code for AddLimitedBuyOrderwithRandom:
public void AddLimitedBuyOrderwithRandom(String SharesCount) throws InterruptedException
{
clickButton(NewOrderLink);
clickButton(BuyTypeRadio);
selectDropdownByValue( companyList, “Company”);
typeText(ShareNoTxt, SharesCount);
selectDropdownByValue( OrderTypeList, “2”);
selectDropdownByValue( OrderValidityList, “0”);
double Pricerandom = getRandomNumberInRange(ReturnShareLimitDown(),ReturnShareLimitUp());
typeText(SharePriceTxt,Double.toString(Pricerandom));
clickButton(SubmitOrderBtn);
}

(Added from comments on answers)
My base class is:
public class TestBase
{
public static WebDriver driver ;
public static String downloadPath = System.getProperty(“user.dir”) + “\Downloads”;
public String BaseURL = “URL”;

@BeforeSuite
@Parameters({“browser”})
public void startDriver(@Optional (“chrome”) String browserType)
{
if (browserType.equalsIgnoreCase(“chrome”) )
{
System.setProperty(“webdriver.chrome.driver”, System.getProperty(“user.dir”)+”/drivers/chromedriver.exe”);
driver = new ChromeDriver();
}
}

driver.manage().window().maximize();
driver.navigate().to(BaseURL);
}

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Your password manager is under attack, and this new threat makes it worse: How to defend yourself

EcoFlow’s new backyard solar energy system starts at $599 – no installation crews or permits needed

Why Sonos’ cheapest smart speaker is one of my favorites – even a year after its release

7 productivity gadgets I can’t live without (and why they make such a big difference)

Tap into Your PHP Potential with Free Projects at PHPGurukul

Tap into Your PHP Potential with Free Projects at PHPGurukul

Preparing for AI? Here’s How PIM Gets Your Data in Shape

A Closer Look at the AI Assistant of Oracle Analytics

kew v3.2.0 improves internet radio support and more

kew v3.2.0 improves internet radio support and more

GNOME Replace Totem Video Player with Showtime

Placemark is a web-based tool for geospatial data

CVE-2025-4488 – iSourcecode Gym Management System SQL Injection Vulnerability

CVE-2025-4487 – iSourcecode Gym Management System SQL Injection Vulnerability

CVE-2025-47269 – Code-server Proxy Pathway Token Exfiltration

Tale of Yetilia – The Yeti’s Kingdom

BeforeClass doesn’t get displayed in TestNG test results window

The Role of UI/UX Design in Cybersecurity

Last Week in AI #273 – Elon Musk and OpenAI drama heats up, new OpenAI partnerships, Google’s AI search feature rollback, and more!

Element is not identifed in the second test method

Survey reveals the usage and perception of AI in the overall workforce, beyond just the realm of software development

CodeSOD: A Double Date

Rilasciato GIMP 3.0.2: la prima versione di manutenzione per la suite grafica open source

CVE-2025-4488 – iSourcecode Gym Management System SQL Injection Vulnerability

Related Posts