{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-7133","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-07-06T08:34:20.585Z","datePublished":"2025-07-07T15:02:05.823Z","dateUpdated":"2025-07-07T19:12:28.350Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-07-07T15:02:05.823Z"},"title":"CodeAstro Online Movie Ticket Booking System cross-site request forgery","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-352","lang":"en","description":"Cross-Site Request Forgery"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-862","lang":"en","description":"Missing Authorization"}]}],"affected":[{"vendor":"CodeAstro","product":"Online Movie Ticket Booking System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"Es wurde eine Schwachstelle in CodeAstro Online Movie Ticket Booking System 1.0 entdeckt. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":4.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":4.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5,"vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-07-06T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-07-06T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-07-06T10:39:23.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Subhash Paudel (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.315045","name":"VDB-315045 | CodeAstro Online Movie Ticket Booking System cross-site request forgery","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.315045","name":"VDB-315045 | CTI Indicators (IOB, IOC)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.605947","name":"Submit #605947 | CodeAstro Online Movie Ticket Booking System in Python 1.0 Cross-Site Request Forgery","tags":["third-party-advisory"]},{"url":"https://github.com/Vanshdhawan188/Online-Movie-Ticket-Booking-System-in-Python-/blob/main/Online%20Movie%20Ticket%20Booking%20System%20in%20Python.md","tags":["exploit"]},{"url":"https://codeastro.com/","tags":["product"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-07-07T19:12:15.690163Z","id":"CVE-2025-7133","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-07T19:12:28.350Z"}}]}}