Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2023-44174

Disclosure Date: September 28, 2023 (last updated October 08, 2023)
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-44166

Disclosure Date: September 28, 2023 (last updated October 08, 2023)
The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-44164

Disclosure Date: September 28, 2023 (last updated October 08, 2023)
The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-44163

Disclosure Date: September 28, 2023 (last updated October 08, 2023)
The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-44173

Disclosure Date: September 28, 2023 (last updated October 08, 2023)
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-44866

Disclosure Date: February 03, 2022 (last updated February 23, 2025)
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0