Project Worlds Online Movie Ticket Booking System 1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:projectworlds:online_movie_ticket_booking_system:1.0:*:*:*:*:*:*:*
part: a version: 1.0 update: *
| Vendor | Projectworlds (1c49ba31-3767-5ff6-9610-c6dcb2aee835) |
|---|---|
| Product | Online Movie Ticket Booking System (a9c67a49-dad4-5785-85a4-fb638db8f9fe) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/projectworldsofficial/online-movie-ticket-ooking-system-in-php |
purl2cpe | 2026-06-01 10:16:18.476533 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-44174 |
vulnerable | 2026-06-03 14:53:05.130940 |
Online Movie Ticket Booking System v1.0 - Stored Cross-Site Scripting (XSS)
MEDIUM (6.4)
Online Movie Ticket Booking System v1.0 is vulnerable to
an authenticated Stored Cross-Site Scripting vulnerability.
Published: 2023-09-28T21:14:38.526Z
Updated: 2024-09-23T18:48:01.565Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44173 |
vulnerable | 2026-06-03 14:53:05.130604 |
Online Movie Ticket Booking System v1.0 - Reflected Cross-Site Scripting (XSS)
MEDIUM (5.4)
Online Movie Ticket Booking System v1.0 is vulnerable to
an authenticated Reflected Cross-Site Scripting vulnerability.
Published: 2023-09-28T20:55:48.677Z
Updated: 2024-09-23T18:56:26.943Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44166 |
vulnerable | 2026-06-03 14:53:05.127421 |
Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
The 'age' parameter of the process_registration.php resource
does not validate the characters received and they
are sent unfiltered to the database.
Published: 2023-09-28T21:51:51.812Z
Updated: 2024-09-23T18:42:18.913Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44164 |
vulnerable | 2026-06-03 14:53:05.126929 |
Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
The 'Email' parameter of the process_login.php resource
does not validate the characters received and they
are sent unfiltered to the database.
Published: 2023-09-28T21:44:23.019Z
Updated: 2024-09-23T18:45:14.355Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44163 |
vulnerable | 2026-06-03 14:53:05.126427 |
Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
The 'search' parameter of the process_search.php resource
does not validate the characters received and they
are sent unfiltered to the database.
Published: 2023-09-28T21:42:30.346Z
Updated: 2024-09-23T18:46:50.289Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44866 |
vulnerable | 2026-06-03 14:45:37.551718 |
Details available
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.
Published: 2022-02-03T13:19:33.000Z
Updated: 2024-08-04T04:32:13.030Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.