SQL Injection Vulnerability in Cinema Seat Reservation System
CVE-2024-25307
9.8CRITICAL
What is CVE-2024-25307?
The Cinema Seat Reservation System version 1.0 by Code-projects is susceptible to SQL Injection due to improper validation of the 'id' parameter within the booking.php file. This vulnerability allows attackers to manipulate SQL queries executed by the application, potentially leading to unauthorized access to the database and retrieval of sensitive information. Proper input sanitization and parameterized queries are essential to mitigate this risk and secure the application against exploitation.