
CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

17 Feb 2021 — Seat-Reservation-System 1.0 has a SQL injection vulnerability in the id parameter of index.php, through which attackers can obtain sensitive database information. • https://github.com/BigTiger2020/Seat-Reservation-System • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 9.1 • EPSS: 11% • CPEs: 1 • EXPL: 3

22 Sep 2020 — An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the POST request to /admin/ajax.php?action=login and bypass authentication, extract sensitive information, etc. • https://www.exploit-db.com/exploits/48889 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 9.8 • EPSS: 20% • CPEs: 1 • EXPL: 2

21 Sep 2020 — Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows remote attackers to gain remote code execution (RCE) on the hosting web server by uploading PHP files. • http://packetstormsecurity.com/files/159260/Seat-Reservation-System-1.0-Shell-Upload.html • CWE-434: Unrestricted Upload of File with Dangerous Type