PT-2024-28391 · Unknown · Best House Rental Management System
Krookiesec
·
Published
2024-07-05
·
Updated
2024-10-10
·
CVE-2024-39210
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Best House Rental Management System version 1.0
Description
The issue allows attackers to read arbitrary PHP files and access other sensitive information within the application through the
Page parameter at "index.php". This is an arbitrary file read vulnerability.Recommendations
For Best House Rental Management System version 1.0, consider restricting access to the
Page parameter in "index.php" to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the functionality that allows file reading through this parameter can help mitigate the issue.Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Best House Rental Management System