Vulnerability Details CVE-2017-17633
Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://packetstormsecurity.com/files/145343/Multiplex-Movie-Theater-Booking-Script-3.1.5-SQL-Injection.html
- https://www.exploit-db.com/exploits/43301/
- https://packetstormsecurity.com/files/145343/Multiplex-Movie-Theater-Booking-Script-3.1.5-SQL-Injection.html
- https://www.exploit-db.com/exploits/43301/
Products affected by CVE-2017-17633
-
Multiplex Movie Theater Booking Script Project » Multiplex Movie Theater Booking Script » Version: 3.1.5cpe:2.3:a:multiplex_movie_theater_booking_script_project:multiplex_movie_theater_booking_script:3.1.5