CVE-2024-57430

Critical CVSS: 9.8

An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database manipulation.

Vendor

Phpjabbers

Product

Cinema Booking System

CWE

CWE-89

Yayın Tarihi

2025-02-06 17:15:20

Güncelleme

2025-06-24 00:12:38

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Cinema Booking System CRITICAL Phpjabbers 2025

Referanslar

https://github.com/ahrixia/CVE-2024-57430 https://www.phpjabbers.com/cinema-booking-system/

Benzer Kayıtlar

Medium

CVE-2023-53927

PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to in…

High

CVE-2023-53926

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers…

Critical

CVE-2023-53877

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to ma…

Medium

CVE-2025-10827

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown fun…

Medium

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin…

Medium

CVE-2023-51328

PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, n…