14 matches found
CVE-2026-5017
CVE-2026-5017 affects code-projects Simple Food Order System 1.0, specifically the Parameter Handler’s file /all-tickets.php. Affected behavior: manipulation of the Status parameter can cause SQL injection, with remote exploitation and the exploit publicly released. Remediation guidance present i...
PT-2026-28731
Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description A security flaw exists in code-projects Simple Food Order System version 1.0. The issue resides in the Parameter Handler component, specifically within the file /all-tickets.php...
EUVD-2024-55088
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frmid and aremark parameters in manage-tickets.php...
CVE-2024-9298
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of the component Ticket Handler. The manipulation of the argument id leads to improper access...
PT-2024-39553 · Sourcecodester · Sourcecodester Online Railway Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Railway Reservation System version 1.0 Description: A vulnerability was found in the Ticket Handler component, specifically affecting some unknown functionality of the file /?page=tickets. The manipulation of the id...
Online Railway Reservation System 访问控制错误漏洞
Online Railway Reservation System is an online railroad reservation system by adminastro individual developers. An access control error vulnerability exists in SourceCodester Online Railway Reservation System version 1.0, which stems from an improper access control issue contained in the id...
CVE-2024-7446
A vulnerability, which was classified as critical, was found in itsourcecode Ticket Reservation System 1.0. This affects an unknown part of the file listtickets.php. The manipulation of the argument prefSeatid leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2023-26984
An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request...
Design/Logic Flaw
An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request...
philadelphiaboxoffice.com XSS vulnerability
Vulnerable URL: https://www.philadelphiaboxoffice.com/tickets.php?/Queen-and-Adam-Lambert/Wells-Fargo-CenterPA-PA/=1"...
kansascityboxoffice.com XSS vulnerability
Vulnerable URL: https://www.kansascityboxoffice.com/tickets.php?/Naked-Magicians-18+-Event/Uptown-Theater-Kansas-City-MO/=1"...
houstonboxoffice.com XSS vulnerability
Vulnerable URL: https://www.houstonboxoffice.com/tickets.php?/Guy,-Monica,-112/Smart-Financial-Centre-TX/=1"...
losangelesboxoffice.com XSS vulnerability
Vulnerable URL: https://www.losangelesboxoffice.com/tickets.php?/BET-Experience-feat.-Bryson-Tiller,-Jhene-Aiko,-Keyshia-Cole/Staples-Center-CA/=1"...
austinticketsales.com XSS vulnerability
Vulnerable URL: https://www.austinticketsales.com/tickets.php?/Whose-Live-Anyway?/Bass-Concert-Hall-TX/=1"...