Description
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-31669 | An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T04:32:13.030Z
Reserved: 2021-12-13T00:00:00.000Z
Link: CVE-2021-44866
No data.
Status : Modified
Published: 2022-02-03T14:15:07.903
Modified: 2026-06-17T04:12:54.780
Link: CVE-2021-44866
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
EUVD