7 matches found
CVE-2025-7547
CVE-2025-7547 affects Campcodes Online Movie Theater Seat Reservation System 1.0. A vulnerability in the /admin/admin_class.php save_movie function arises from manipulation of the cover parameter, causing unrestricted file upload. This enables remote exploitation and is described as a critical is...
CVE-2025-7455
CVE-2025-7455 affects Campcodes Online Movie Theater Seat Reservation System 1.0. An SQL injection is possible in the unknown functionality at /manage_reserve.php by manipulating the mid argument, enabling remote exploitation and with the exploit publicly disclosed. Documented impact is high acro...
CVE-2025-7840
CVE-2025-7840 affects Campcodes Online Movie Theater Seat Reservation System 1.0. The vulnerability is a cross-site scripting (XSS) flaw in the Reserve Your Seat Page, specifically in the /index.php?page=reserve endpoint where the Firstname and Lastname arguments are not properly sanitized. This ...
CVE-2025-7838
CVE-2025-7838 affects Campcodes Online Movie Theater Seat Reservation System v1.0. The flaw resides in the file /admin/manage_seat.php where the ID parameter is manipulated to perform an SQL injection. This is a remote, unauthenticated vulnerability with potential high impact on confidentiality, ...
CVE-2025-7457
Campcodes Online Movie Theater Seat Reservation System 1.0 is affected by a SQL injection in /admin/manage_movie.php via manipulation of the ID parameter. The vulnerability permits remote exploitation and exploits have been disclosed publicly. Concrete patch/version details are not provided in th...
CVE-2025-7454
Campcodes Online Movie Theater Seat Reservation System 1.0 is affected by a SQL injection in /admin/manage_theater.php via the ID parameter. The vulnerability is triggered remotely and exploitation has been publicly disclosed. The root cause is unsafely handling the ID argument, enabling arbitrar...
CVE-2025-7456
The CVE-2025-7456 affects Campcodes Online Movie Theater Seat Reservation System 1.0. A SQL injection vulnerability exists in the reserve.php function, triggered by manipulating the ID argument. The issue appears to be exploitable remotely, with publicly disclosed exploits. The provided data indi...