CVE Details
Basic Information
| Title | Campcodes Online Movie Theater Seat Reservation System reserve.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-11T20:02:05.824Z |
| Modified | 2025-07-11T20:20:13.568Z |
Product Information
| Vendor | Campcodes |
|---|---|
| Product | Online Movie Theater Seat Reservation System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in Campcodes Online Movie Theater Seat Reservation System 1.0. An attacker can remotely inject malicious SQL code via the ID argument in reserve.php, potentially accessing or modifying sensitive data without authentication. |
|---|---|
| AI Severity | High |
| AI Vendor | Campcodes |
| AI Product | Online Movie Theater Seat Reservation System |
| AI Version | 1.0 |
Affected Products
- Campcodes Online Movie Theater Seat Reservation System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this issue is some unknown functionality of the file /reserve.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.