CVE-2024-57429
5.4
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.5
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request.
Affected (1)
Products: Phpjabbers: Cinema Booking System
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0 |
References (2)
Timeline
No history available yet.