CVE-2024-57429: CSRF
First published: Thu Feb 06 2025(Updated: )
A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPJabbers Cinema Booking System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-57429?
The severity of CVE-2024-57429 is classified as medium due to its potential to allow privilege escalation through CSRF.
How do I fix CVE-2024-57429?
To fix CVE-2024-57429, implement CSRF tokens in all forms to ensure that requests come from authenticated users.
What systems are affected by CVE-2024-57429?
CVE-2024-57429 affects PHPJabbers Cinema Booking System version 2.0.
Can CVE-2024-57429 lead to data compromise?
Yes, CVE-2024-57429 can lead to unauthorized access and potential data compromise if exploited by attackers.
Who is at risk of CVE-2024-57429?
Users with admin access to the PHPJabbers Cinema Booking System are at risk of CVE-2024-57429 if they are tricked into making unauthorized requests.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/author
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/event
- vendor/phpjabbers
- canonical/phpjabbers cinema booking system