CVE-2021-25209

The CVE-2021-25209 entry corresponds to a SQL injection vulnerability in SourceCodester Theme Park Ticketing System v1.0. The flaw arises from insufficient validation of the id parameter in view_user.php, enabling remote attackers to execute arbitrary SQL statements. Affected software is the Them...

CVE-2022-32302

CVE-2022-32302 affects Theme Park Ticketing System v1.0. The vulnerability is a SQL injection in edit_ticket.php triggered by the id parameter, caused by unsanitized input in the SQL statement. Public sources (NVD) report high impact (C, I, A high) with CVSS v3.1 base score 8.8 and network access...

CVE-2022-40049

CVE-2022-40049 affects sourcecodester Theme Park Ticketing System v1.0. A SQL injection via the id parameter on /tpts/manage_user.php can lead to unauthorized viewing of sensitive data (confidentiality impact). CVSSv3.1 base score 7.5 (HIGH) with network attack vector, low attack complexity, no u...

CVE-2023-2865

The CVE-2023-2865 entry concerns SourceCodester Theme Park Ticketing System 1.0. A SQL injection exists in the GET Parameter Handler’s print_ticket.php, caused by unsafely handling the id argument. The vulnerability is exploitable remotely, with public disclosure cited across sources (VDB-229821)...