CVE-2024-11860 | SourceCodester Best House Rental Management System 1.0 POST Request ajax.php?action=delete_tenant id improper authorization

Inserito da Angelo Barbosa | Nov 27, 2024 | CVE

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=delete_tenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization.

This vulnerability is uniquely identified as CVE-2024-11860. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-11860 | SourceCodester Best House Rental Management System 1.0 POST Request ajax.php?action=delete_tenant id improper authorization

Post correlati

CVE-2024-7926 | ZZCMS 2023 about_edit.php skin path traversal

CVE-2024-1627 | Linux Kernel IPv4 Networking Stack net/ipv4/af_inet.c inet_sock_destruct double free

CVE-2024-5730 | Pagerank Tools Plugin up to 1.1.5 on WordPress cross site scripting

CVE-2024-27991 | SupportCandy Plugin up to 3.2.3 on WordPress cross site scripting