Online Movie Theater Seat Reservation System
Monthly
Cross-site scripting (XSS) in Campcodes Online Movie Theater Seat Reservation System 1.0 allows authenticated remote attackers to inject malicious scripts via the Firstname or Lastname parameters on the reserve page, requiring user interaction to trigger. The vulnerability has a low CVSS score of 2.0 due to authentication and user interaction requirements, but publicly available exploit code exists and the vulnerability is classified as problematic with potential for phishing or session hijacking attacks.
A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage_seat.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Cross-site scripting (XSS) in Campcodes Online Movie Theater Seat Reservation System 1.0 allows authenticated remote attackers to inject malicious scripts via the Firstname or Lastname parameters on the reserve page, requiring user interaction to trigger. The vulnerability has a low CVSS score of 2.0 due to authentication and user interaction requirements, but publicly available exploit code exists and the vulnerability is classified as problematic with potential for phishing or session hijacking attacks.
A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage_seat.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.