Takekaramey

**Name of the Vulnerable Software and Affected Versions** SourceCodester Best House Rental Management System version 1.0 **Description** The issue is related to Incorrect Access Control. It affects several API endpoints, including "/rental/payment report.php", "/rental/balance report.php", "/rental/invoices.php", "/rental/tenants.php", and "/rental/users.php". There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For version 1.0, consider restricting access to the affected API endpoints "/rental/payment report.php", "/rental/balance report.php", "/rental/invoices.php", "/rental/tenants.php", and "/rental/users.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.