CVE-2017-17939

The CVE-2017-17939 entry relates to PHP Scripts Mall Single Theater Booking and describes a Cross-Site Request Forgery (CSRF) vulnerability in the admin/sitesettings.php page. The affected software/component is PHP Scripts Mall Single Theater Booking; the underlying issue is CSRF that allows an a...

CVE-2017-17938

The CVE-2017-17938 vulnerability affects PHP Scripts Mall Single Theater Booking. The issue is a cross-site scripting (XSS) flaw exploitable through the admin/viewtheatre.php theatreid parameter, likely allowing an attacker to inject arbitrary script via this input. The connected sources consiste...

CVE-2017-17634

CVE-2017-17634 affects PHP Scripts Mall Single Theater Booking Script 3.2.1. The vulnerability is a SQL Injection in the findcity.php q parameter, enabling remote command execution-like data access. Root cause: unsafely injected q parameter in SQL queries. Impact per sources: high/critical (CVSS ...

CVE-2017-17940

CVE-2017-17940 concerns PHP Scripts Mall Single Theater Booking. The issue is a cross-site scripting (XSS) vulnerability in the admin/sitesettings.php page caused by unsafely handling the title parameter. The exploit path is user-controlled input reflected in the title field, enabling an attacker...

CVE-2017-17941

CVE-2017-17941 affects the PHP Scripts Mall Single Theater Booking product, with a SQL Injection vulnerability exposed through the admin/movieview.php?movieid parameter. The connected documents consistently describe exploitability leading to disclosure of usernames or sensitive data. No specific ...