CVE-2025-12598

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0

Description A flaw exists in the software that allows for SQL injection. The issue is located in the save tenant function within the /admin class.php file. Manipulation of the firstname argument can lead to a successful attack, which can be launched remotely. The exploit for this issue has been published. Other parameters may also be affected.

Recommendations Versions prior to 1.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.