CVE-2024-25307

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to execute arbitrary SQL commands via the 'id' parameter in the Cinema Seat Reservation System 1.0. This can lead to data theft, modification, or deletion. Anyone using this specific software version is affected.

💻 Affected Systems

Products:
  • Code-projects Cinema Seat Reservation System
Versions: 1.0
Operating Systems: Any OS running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the specific booking.php endpoint with the id parameter.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, privilege escalation, and potential remote code execution.

🟠 Likely Case

Unauthorized access to reservation data, user information, and potential database manipulation.

🟢 If Mitigated

Limited impact with proper input validation and database permissions.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is directly accessible via web requests.
🏢 Internal Only: MEDIUM - Still exploitable by internal users or compromised accounts.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple SQL injection via URL parameter, no authentication required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Implement workarounds or replace software.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Modify booking.php to validate the id parameter and bind it through a prepared statement instead of placing it directly in the SQL string.

Replace raw SQL queries with PDO or mysqli prepared statements in the PHP code.

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns at the id parameter.

Configure WAF to block patterns like ' OR '1'='1, UNION SELECT, etc.

🧯 If You Can't Patch

  • Restrict access to /Cinema-Reservation/booking.php via network ACLs or authentication.
  • Run the application under a database user with minimal privileges (read-only if possible).

🔍 How to Verify

Check if Vulnerable:

Test URL: /Cinema-Reservation/booking.php?id=1' OR '1'='1 - Check for SQL errors or unexpected data.

Check Version:

Check software version in documentation or configuration files.

Verify Fix Applied:

Test with same payload after fixes - should return error page or no data.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in web server logs
  • Multiple requests with SQL-like patterns in id parameter

Network Indicators:

  • HTTP requests to booking.php with suspicious id values

SIEM Query:

source="web_logs" AND uri="/Cinema-Reservation/booking.php" AND (id="*'*" OR id="*OR*" OR id="*UNION*" OR id="*SELECT*")
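
The log indicators and SIEM query above, as an added example (not part of the original advisory or of the affected project): a Python filter that applies the same indicators to access-log lines after percent-decoding the id value, because a request line logged as sent usually carries `%27` rather than a literal quote. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/Cinema-Reservation/booking.php"
# Same indicators as the SIEM query: a quote, or OR / UNION / SELECT as whole words.
SUSPICIOUS = re.compile(r"'|\b(?:or|union|select)\b", re.IGNORECASE)
# Request line inside a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_ids(line):
    """Return the decoded id values in one log line that match an indicator."""
    m = REQUEST.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if url.path != TARGET_PATH:
        return []
    # parse_qs percent-decodes each value and turns '+' into a space.
    ids = parse_qs(url.query, keep_blank_values=True).get("id", [])
    return [v for v in ids if SUSPICIOUS.search(v)]

def scan(lines):
    """Return (client_ip, decoded_id) for every flagged request."""
    hits = []
    for line in lines:
        for value in suspicious_ids(line):
            hits.append((line.split(" ", 1)[0], value))
    return hits

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Mar/2024:10:00:01 +0000] "GET /Cinema-Reservation/booking.php?id=3 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Mar/2024:10:00:05 +0000] "GET /Cinema-Reservation/booking.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9034',
    '203.0.113.9 - - [01/Mar/2024:10:00:09 +0000] "GET /Cinema-Reservation/booking.php?id=1+UNION+SELECT+1 HTTP/1.1" 500 312',
    '198.51.100.7 - - [01/Mar/2024:10:00:12 +0000] "GET /Cinema-Reservation/index.php?id=ORDER HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}\t{value!r}")
```

Matching OR, UNION and SELECT as whole words keeps a benign value such as ORDER from being flagged, which the wildcard form of the query would catch.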
