Seat Reservation System Project Seat Reservation System vulnerabilities
2 known vulnerabilities affecting seat_reservation_system_project/seat_reservation_system.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2020-25763P2CRITICALCVSS 9.8PoCv1.02020-09-30
CVE-2020-25763 [CRITICAL] CWE-434 CVE-2020-25763: Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowi
Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.
nvd
CVE-2020-25762P2CRITICALCVSS 9.1PoCv1.02020-09-30
CVE-2020-25762 [CRITICAL] CWE-89 CVE-2020-25762: An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does
An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the post request to /admin/ajax.php?action=login and bypass authentication, extract sensitive information etc.
nvd