CVE-2024-8709 | SourceCodester Best House Rental Management System 1.0 /admin_class.php delete_user/save_user id sql injection

Inserito da Angelo Barbosa | Set 11, 2024 | CVE

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. Affected is the function delete_user/save_user of the file /admin_class.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-8709. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-8709 | SourceCodester Best House Rental Management System 1.0 /admin_class.php delete_user/save_user id sql injection

Post correlati

CVE-2024-2202 | SiteOrigin Page Builder Plugin up to 2.29.6 on WordPress Legacy Image Widget cross site scripting

CVE-2023-35075 | Mattermost up to 7.8.12/8.1.3 innerText/textContent cross site scripting

CVE-2024-9344 | BerqWP Plugin up to 2.1.1 on WordPress cross site scripting

CVE-2024-37301 | adfinis document-merge-service up to 6.5.1 Template special elements used in a template engine (GHSA-v5gf-r78h-55q6)