CVE-2024-57430
CRITICALPHPJabbers Cinema Booking System 2.0 - SQL Injection via pjActionGetUser Column Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2024-57430. PoCs published by ahrixia.
AI-analyzed exploit summary This repository provides a proof-of-concept for CVE-2024-57430, an SQL injection vulnerability in PHPJabbers Cinema Booking System v2.0. The exploit targets the 'column' parameter in the pjActionGetUser function, allowing attackers to manipulate database queries.
Description
An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database manipulation.
Exploits (1)
This repository provides a proof-of-concept for CVE-2024-57430, an SQL injection vulnerability in PHPJabbers Cinema Booking System v2.0. The exploit targets the 'column' parameter in the pjActionGetUser function, allowing attackers to manipulate database queries.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H