PT-2024-18701 · Unknown · Codeastro House Rental Management System

Mooooon

Published

2024-03-01

Updated

2025-03-13

CVE-2024-2076

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions CodeAstro House Rental Management System version 1.0

Description A problematic issue has been found in the system, affecting some unknown functionality of the files booking.php, owner.php, and tenant.php. This issue leads to missing authentication, allowing for remote attacks. The exploit has been disclosed to the public and may be used.

Recommendations For CodeAstro House Rental Management System version 1.0, consider restricting access to the affected files booking.php, owner.php, and tenant.php to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2024-2076

Affected Products

Codeastro House Rental Management System

PT-2024-18701 · Unknown · Codeastro House Rental Management System

CVE-2024-2076

Weakness Enumeration

Related Identifiers

Affected Products

References · 7