Filtered by vendor Projectworlds
Subscribe
Filtered by product Online Movie Ticket Booking System
Subscribe
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-44164 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | N/A | 9.8 CRITICAL |
| The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-44173 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | N/A | 5.4 MEDIUM |
| Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability. | |||||
| CVE-2023-44163 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | N/A | 9.8 CRITICAL |
| The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-44166 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | N/A | 9.8 CRITICAL |
| The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-44174 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | N/A | 5.4 MEDIUM |
| Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability. | |||||
| CVE-2021-44866 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database. | |||||