SQL Injection Vulnerability in Cinema Seat Reservation System by Code Projects
CVE-2025-0340
6.9MEDIUM
What is CVE-2025-0340?
A security vulnerability has been identified in the Cinema Seat Reservation System developed by Code Projects. This issue arises from insufficient input validation in the /admin/deleteBooking.php file, particularly concerning the id parameter. Attackers can exploit this flaw remotely to execute unauthorized SQL queries, potentially compromising sensitive data and user information. Public disclosure of the exploit has raised concerns about its potential misuse in real-world attacks against affected installations.
Affected Version(s)
Cinema Seat Reservation System 1.0