
Preface: It is common for application developers to use open source as a reference.
Synopsis: If you are considering using, or have already used, the free source code to develop the seat-reservation-system, you should stay alert for vulnerabilities in this software product.
Vulnerability details:
Seat Reservation System 1.0 Unauthenticated SQL Injection (CVE-2020-25762)
Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution. (CVE-2020-25763)
Remedy: You can configure your firewall or Nginx to restrict access to ajax.php and the admin function pages.
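One way to express that restriction in Nginx, as an added example that is not part of the original advisory or of the project's code. The host name, document root, PHP-FPM socket, the 192.0.2.0/24 management range and the admin path are assumptions or placeholders, and the application is assumed to be served from the web root.

```nginx
# Added example. All names and addresses below are constructed or placeholders.
server {
    listen 80;
    server_name reservation.example.test;      # constructed host name
    root /var/www/seat-reservation;            # assumed install path
    index index.php;

    # ajax.php: exact-match location, so it takes priority over the
    # generic PHP regex location further down.
    location = /ajax.php {
        allow 192.0.2.0/24;                    # constructed trusted range
        deny  all;                             # everyone else gets 403
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php-fpm.sock;   # assumed socket path
    }

    # Admin function pages. The advisory does not name their path, so
    # replace ADMIN_PATH_PLACEHOLDER with the real one. "^~" stops Nginx
    # from falling through to the unrestricted PHP regex location.
    location ^~ /ADMIN_PATH_PLACEHOLDER/ {
        allow 192.0.2.0/24;
        deny  all;

        # Nested PHP handler inherits the allow/deny rules above.
        location ~ \.php$ {
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_pass unix:/run/php/php-fpm.sock;
        }
    }

    # Remaining PHP pages stay reachable as before.
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php-fpm.sock;
    }
}
```

Clients outside the allowed range receive 403 for ajax.php, so any page feature that calls it stops working for them. Validate with `nginx -t` before reloading.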