CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Seat Reservation System Project: >> Seat Reservation System Security Vulnerabilities

CVE-2020-25762

An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the post request to /admin/ajax.php?action=login and bypass authentication, extract sensitive information etc.

CVSS Score

9.1

EPSS Score

0.124

Published

2020-09-30

CVE-2020-25763

Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.

CVSS Score

9.8

EPSS Score

0.121

Published

2020-09-30

Page 1

Vulnerabilities

Vulnerable Software

Seat Reservation System Project: >> Seat Reservation System Security Vulnerabilities

Products

Pricing

Contact Us