5 matches found
CVE-2026-13225 Stored XSS in ticket confirmation page
Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order...
CVE-2026-13225
The provided connected documents confirm CVE-2026-13225 as a Stored XSS in pretix. Malicious HTML content could be injected into the email address field of an order; pretix displays this on the confirmation page for individual tickets without sanitization. Affects pretix’s order confirmation page...
CVE-2025-6890
A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation of the argument Date leads to sql injection. The attack may be initiated remotely. The exploit has...
Code-Projects Movie Ticketing System 注入漏洞
Code-Projects Movie Ticketing System is an open source movie ticketing system from Code-Projects. An injection vulnerability exists in code-projects Movie Ticketing System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter Date in the file...
Threat Outbreak Alert: Fake Airline Ticket Order Confirmation Email Messages on February 24, 2014
Medium Alert ID: 33028 First Published: 2014 February 25 19:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an airline ticket confirmation for the recipient. The text in the email message attempts to convince the...