CVE-2023-51333

Name of the Vulnerable Software and Affected Versions PHPJabbers Cinema Booking System version 1.0

Description The issue exists due to insufficient input validation on the Languages section Labels any parameters field in System Options that is used to construct a CSV file, allowing an attacker to execute remote code.

Recommendations For PHPJabbers Cinema Booking System version 1.0, as a temporary workaround, consider restricting access to the System Options section, specifically the Languages section Labels any parameters field, until a patch is available. Additionally, avoid using any parameters in the System Options that could be used to construct a malicious CSV file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.