PT-2024-28926 · Unknown · Best House Rental Management System
Jubilianite
·
Published
2024-07-29
·
Updated
2025-05-06
·
CVE-2024-40576
CVSS v3.1
4.7
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Best House Rental Management System version 1.0
Description
The issue allows a remote attacker to execute arbitrary code via the
House No and Description parameters in the houses page at the "index.php" component. This enables the attacker to perform Cross Site Scripting attacks.Recommendations
For Best House Rental Management System version 1.0, consider restricting access to the houses page at the "index.php" component to minimize the risk of exploitation. As a temporary workaround, avoid using the
House No and Description parameters in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Best House Rental Management System