{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7133", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-07-06T08:34:20.585Z", "datePublished": "2025-07-07T15:02:05.823Z", "dateUpdated": "2025-07-07T19:12:28.350Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-07-07T15:02:05.823Z"}, "title": "CodeAstro Online Movie Ticket Booking System cross-site request forgery", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-352", "lang": "en", "description": "Cross-Site Request Forgery"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "Missing Authorization"}]}], "affected": [{"vendor": "CodeAstro", "product": "Online Movie Ticket Booking System", "versions": [{"version": "1.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in CodeAstro Online Movie Ticket Booking System 1.0 entdeckt. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-07-06T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-07-06T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-07-06T10:39:23.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Subhash Paudel (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.315045", "name": "VDB-315045 | CodeAstro Online Movie Ticket Booking System cross-site request forgery", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.315045", "name": "VDB-315045 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.605947", "name": "Submit #605947 | CodeAstro Online Movie Ticket Booking System in Python 1.0 Cross-Site Request Forgery", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Vanshdhawan188/Online-Movie-Ticket-Booking-System-in-Python-/blob/main/Online%20Movie%20Ticket%20Booking%20System%20in%20Python.md", "tags": ["exploit"]}, {"url": "https://codeastro.com/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-07T19:12:15.690163Z", "id": "CVE-2025-7133", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-07T19:12:28.350Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7133", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-07T19:12:15.690163Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-07T19:12:23.390Z"}}], "cna": {"title": "CodeAstro Online Movie Ticket Booking System cross-site request forgery", "credits": [{"lang": "en", "type": "reporter", "value": "Subhash Paudel (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "CodeAstro", "product": "Online Movie Ticket Booking System", "versions": [{"status": "affected", "version": "1.0"}]}], "timeline": [{"lang": "en", "time": "2025-07-06T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-07-06T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-07-06T10:39:23.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.315045", "name": "VDB-315045 | CodeAstro Online Movie Ticket Booking System cross-site request forgery", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.315045", "name": "VDB-315045 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.605947", "name": "Submit #605947 | CodeAstro Online Movie Ticket Booking System in Python 1.0 Cross-Site Request Forgery", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Vanshdhawan188/Online-Movie-Ticket-Booking-System-in-Python-/blob/main/Online%20Movie%20Ticket%20Booking%20System%20in%20Python.md", "tags": ["exploit"]}, {"url": "https://codeastro.com/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in CodeAstro Online Movie Ticket Booking System 1.0 entdeckt. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "Cross-Site Request Forgery"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "Missing Authorization"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-07-07T15:02:05.823Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7133", "state": "PUBLISHED", "dateUpdated": "2025-07-07T19:12:28.350Z", "dateReserved": "2025-07-06T08:34:20.585Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-07-07T15:02:05.823Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:codeastro:online_movie_ticket_booking_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FD0F43C9-C03A-4CF3-B153-22949D8DE865", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en CodeAstro Online Movie Ticket Booking System 1.0. Esta afecta a una parte desconocida. La manipulaci\u00f3n provoca un cross-site request forgery. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."}], "id": "CVE-2025-7133", "lastModified": "2025-07-09T17:24:59.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-07T15:15:33.210", "references": [{"source": "[email protected]", "tags": ["Product"], "url": "https://codeastro.com/"}, {"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Vanshdhawan188/Online-Movie-Ticket-Booking-System-in-Python-/blob/main/Online%20Movie%20Ticket%20Booking%20System%20in%20Python.md"}, {"source": "[email protected]", "tags": ["Permissions Required"], "url": "https://vuldb.com/?ctiid.315045"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.315045"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.605947"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-862"}], "source": "[email protected]", "type": "Primary"}]}

{}