Phpjabbers Cinema Booking System — known CVE vulnerabilities
Every CVE whose affected-product data names Phpjabbers Cinema Booking System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-57430 — CVSS 9.8 (critical): An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate…
CVE-2024-57428 — CVSS 9.3 (critical): A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload…
CVE-2023-51333 — CVSS 8.8 (high): PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The…
CVE-2023-51335 — CVSS 6.5 (medium): PHPJabbers Cinema Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "title, name" parameters.
CVE-2024-57427 — CVSS 6.1 (medium): PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS). Multiple endpoints improperly handle user…
CVE-2023-51330 — CVSS 5.4 (medium): PHPJabbers Cinema Booking System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Now Showing menu "date" parameter.
CVE-2024-57429 — CVSS 5.4 (medium): A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote…
CVE-2023-51334 — CVSS 5.3 (medium): A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0 allows attackers to send an excessive…