INOX Movies features - A lesson in "designing secure web pages"
Vulnerable URL: hxxp://www.inoxmovies.com/seatlayout.aspx
Incase you don't understand what will be the bug, it will be a SQL Injection!
INOX Movies is "Safe"... Come on, it uses "http"... it's unbreakable! :D