CVE-2024-57430: SQL Injection
First published: Thu Feb 06 2025(Updated: )
An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database manipulation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPJabbers Cinema Booking System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-57430?
CVE-2024-57430 is considered a high severity vulnerability due to its potential for unauthorized information disclosure and privilege escalation.
How do I fix CVE-2024-57430?
To fix CVE-2024-57430, ensure you are using the latest version of the PHPJabbers Cinema Booking System, which includes security patches addressing this vulnerability.
What systems are affected by CVE-2024-57430?
CVE-2024-57430 affects PHPJabbers Cinema Booking System version 2.0.
What kind of attacks can be executed with CVE-2024-57430?
Exploiting CVE-2024-57430 can allow attackers to manipulate database queries, leading to potential data breaches or database manipulation.
Is CVE-2024-57430 easy to exploit?
Yes, CVE-2024-57430 can be easily exploited by attackers who can craft SQL queries through the vulnerable column parameter.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/author
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/event
- vendor/phpjabbers
- canonical/phpjabbers cinema booking system