Preface: It is common for application developers to use open source as a reference.

Synopsis: If you are consider or has been used the free source code to develop the seat-reservation-system.
You should stay alert for vulnerabilities in this software product.

Vulnerability details:

Seat Reservation System 1.0 Unauthenticated SQL Injection (CVE-2020-25762)
Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution. (CVE-2020-25763)

Remedy: You can do a config on your firewall or Nginx to restrict the access of ajax.php and admin function pages.