Vulnerabilities > Projectworlds > Online Movie Ticket Booking System

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-44163 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-09-28 CVE-2023-44164 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-09-28 CVE-2023-44166 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-09-28 CVE-2023-44174 Cross-site Scripting vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.
network
low complexity
projectworlds CWE-79
5.4
5.4
2023-09-28 CVE-2023-44173 Cross-site Scripting vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
network
low complexity
projectworlds CWE-79
5.4
5.4
2022-02-03 CVE-2021-44866 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0.
network
low complexity
projectworlds CWE-89
5.0
5.0