Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| single_theater_booking_script_project | single_theater_booking_script | 3.2.1 |
PHP Scripts Mall Single Theater Booking has XSS via the admin/viewtheatre.php theatreid parameter.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| single_theater_booking_script_project | single_theater_booking_script | 3.2.2 |
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| single_theater_booking_script_project | single_theater_booking_script | 3.2.2 |
PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| single_theater_booking_script_project | single_theater_booking_script | 3.2.2 |
PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| single_theater_booking_script_project | single_theater_booking_script | 3.2.2 |