PHPGurukul Park Ticketing Management System SQL Injection Vulnerability in edit-ticket.php

Vulnerability

A SQL injection vulnerability exists in the Park Ticketing Management System by PHPGurukul, version 2.0. The issue is located in the edit-ticket.php file, where remote attackers can execute arbitrary code by manipulating the tprice POST request parameter.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the server where the application is hosted.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

7.5

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

7.5

exploitability

9.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PHPGurukul Park Ticketing Management System SQL Injection Vulnerability in edit-ticket.php

Vulnerability

Impact

Affected Products

PHPGurukul Park Ticketing Management System

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating