CVE-2024-42772

Name of the Vulnerable Software and Affected Versions Kashipara Hotel Management System version 1.0

Description An Incorrect Access Control issue was found in the /admin/rooms.php endpoint, allowing an unauthenticated attacker to view valid hotel room entries in the administrator section. This issue affects the administrator section of the system, potentially exposing sensitive information.

Recommendations For Kashipara Hotel Management System version 1.0, consider disabling access to the /admin/rooms.php endpoint until a patch is available to prevent unauthorized access. Restrict access to the administrator section to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.