CVE-2024-57429

Medium CVSS: 5.4

A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request.

Vendor

Phpjabbers

Product

Cinema Booking System

CWE

CWE-352

Yayın Tarihi

2025-02-06 17:15:20

Güncelleme

2025-06-24 00:13:05

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-352 Cinema Booking System MEDIUM Phpjabbers 2025

Referanslar

https://github.com/ahrixia/CVE-2024-57429 https://www.phpjabbers.com/cinema-booking-system/

Benzer Kayıtlar

Medium

CVE-2023-53927

PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to in…

High

CVE-2023-53926

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers…

Critical

CVE-2023-53877

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to ma…

Medium

CVE-2025-10827

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown fun…

Medium

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin…

Medium

CVE-2023-51328

PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, n…