CVE-2024-0502

Name of the Vulnerable Software and Affected Versions SourceCodester House Rental Management System version 1.0

Description A critical issue was found in the SourceCodester House Rental Management System, affecting some unknown functionality of the file manage user.php of the component Edit User. The manipulation of the id, name, or username argument leads to SQL injection. The attack can be launched remotely.

Recommendations For version 1.0, consider disabling the manage user.php file or restricting access to the Edit User component until a patch is available. As a temporary workaround, avoid using the id, name, or username arguments in the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.