Vulnerabilities > Projectworlds > Online Movie Ticket Booking System > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-44166 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-09-28 CVE-2023-44164 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-09-28 CVE-2023-44163 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8