CVE-2024-57429

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 6, 2025

CWE ID 352

Summary

CVE-2024-57429 is a cross-site request forgery (CSRF) vulnerability affecting the pjActionUpdate function in the PHPJabbers Cinema Booking System v2.0. This issue permits remote attackers to manipulate authenticated admin sessions, enabling them to submit unauthorized requests and potentially escalate privileges. By tricking an admin into clicking a malicious link or form, an attacker can exploit this vulnerability and execute unwanted actions within the system. This security flaw poses a serious threat to the integrity and confidentiality of the affected application. Admins are encouraged to update their PHPJabbers Cinema Booking System to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database