PT-2024-30018 · Unknown · Hotel Management System
Published
2024-08-20
·
Updated
2024-08-20
·
CVE-2024-42559
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Hotel Management System version 79d688
Description
An issue in the login component, specifically in the
process login.php file, allows attackers to authenticate without providing a valid password. This enables unauthorized access to the system.Recommendations
For Hotel Management System version 79d688, consider temporarily disabling the
process login.php file until a patch is available to prevent unauthorized access. Restrict access to the login component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hotel Management System