PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.
                
            References
                    | Link | Resource | 
|---|---|
| https://packetstorm.news/files/id/176511 | Third Party Advisory VDB Entry | 
| https://www.phpjabbers.com/cinema-booking-system/#sectionDemo | Product | 
| https://packetstorm.news/files/id/176511 | Third Party Advisory VDB Entry | 
Configurations
                    History
                    10 Apr 2025, 19:56
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time | Phpjabbers cinema Booking System Phpjabbers | |
| References | () https://packetstorm.news/files/id/176511 - Third Party Advisory, VDB Entry | |
| References | () https://www.phpjabbers.com/cinema-booking-system/#sectionDemo - Product | |
| CPE | cpe:2.3:a:phpjabbers:cinema_booking_system:1.0:*:*:*:*:*:*:* | 
21 Feb 2025, 22:15
| Type | Values Removed | Values Added | 
|---|---|---|
| References | () https://packetstorm.news/files/id/176511 - | |
| CVSS | v2 : v3 : | v2 : unknown v3 : 8.8 | 
| Summary | 
 | |
| CWE | CWE-1236 | 
20 Feb 2025, 18:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2025-02-20 18:15
Updated : 2025-04-10 19:56
NVD link : CVE-2023-51333
Mitre link : CVE-2023-51333
CVE.ORG link : CVE-2023-51333
JSON object : View
Products Affected
                phpjabbers
- cinema_booking_system
CWE
                
                    
                        
                        CWE-1236
                        
            Improper Neutralization of Formula Elements in a CSV File
