Code-Projects Movie Ticketing System Information Disclosure Vulnerability

A sensitive information disclosure vulnerability has been identified in Code-Projects Movie Ticketing System version 1.0. The issue arises from an exposed SQL database backup file, 'moviedb.sql', which is stored in a publicly accessible directory within the web root. The web server does not restrict access to .sql files, allowing remote attackers to download the database dump without authentication. This SQL dump contains the full database structure and application data, including sensitive information such as user accounts, booking details, and administrative credentials.

Impact

Exploitation of this vulnerability allows unauthorized access to sensitive database information, including user accounts, booking records, and administrative credentials. This could lead to unauthorized access to user accounts, administrative privileges, and potential manipulation or deletion of data.

Reproduction

To reproduce this vulnerability, install the Movie Ticketing System in PHP version 1.0. Once the application is running, navigate to the URL 'http://localhost/movie/db/moviedb.sql'. The SQL database backup file will be directly accessible for download without any authentication.

Remediation

It is recommended to remove database backup files from the web root and store them in secure locations that are not publicly accessible. Additionally, web servers should be configured to deny access to .sql files.