PT-2026-30424 · Unknown · Concert Ticket Reservation System
Wenzhuolin
·
Published
2026-04-05
·
Updated
2026-04-05
·
CVE-2026-5554
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Concert Ticket Reservation System version 1.0
Description
A security flaw exists in code-projects Concert Ticket Reservation System 1.0. The issue is related to an unknown functionality within the
/ConcertTicketReservationSystem-master/process search.php file of the Parameter Handler component. Manipulation of the searching argument results in SQL injection. The attack can be initiated remotely, and the exploit has been publicly released.Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Concert Ticket Reservation System