4 matches found
CVE-2020-25762
An issue was discovered in SourceCodester Seat Reservation System 1.0. The file adminclass.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the post request to /admin/ajax.php?action=login and bypass authentication, extract...
Seat Reservation System 1.0 - Unauthenticated SQL Injection
Title: Seat Reservation System 1.0 - Unauthenticated SQL Injection Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/seat-reservation-system-using-php0.zip Version: 1.0 Teste...
CVE-2020-25762
An issue was discovered in SourceCodester Seat Reservation System 1.0. The file adminclass.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the post request to /admin/ajax.php?action=login and bypass authentication, extract...
CVE-2020-25762
CVE-2020-25762 affects SourceCodester Seat Reservation System 1.0. The vulnerability lies in admin_class.php which does not validate input for username/password, enabling an attacker to send crafted input to /admin/ajax.php?action=login to bypass authentication and potentially access sensitive in...