CVE-2026-5554

Description

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/process_search.php of the component Parameter Handler. Performing a manipulation of the argument searching results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

References

• https://code-projects.org/
• https://github.com/Wzl731/test/issues/4
• https://vuldb.com/submit/782874
• https://vuldb.com/vuln/355324
• https://vuldb.com/vuln/355324/cti