Detections
Analytics

CVE-2024-57429

medium

Description

A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request.

References

https://www.phpjabbers.com/cinema-booking-system/

https://github.com/ahrixia/CVE-2024-57429

Details

Source: Mitre, NVD

Published: 2025-02-06

Updated: 2025-02-06

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Severity: Medium