CVE-2024-40475

SourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/payment_report.php, /rental/balance_report.php, /rental/invoices.php, /rental/tenants.php, and /rental/users.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mayurik:best_house_rental_management_system:1.0:*:*:*:*:*:*:*

History

15 Aug 2024, 13:40

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.3
v2 : unknown
v3 : 8.8
References () https://github.com/takekaramey/CVE_Writeup/blob/main/Sourcecodester/Best%20House%20Rental%20Management%20System%20v1.0/Broken%20Access%20Control%20-%20Deep%20URL.pdf - () https://github.com/takekaramey/CVE_Writeup/blob/main/Sourcecodester/Best%20House%20Rental%20Management%20System%20v1.0/Broken%20Access%20Control%20-%20Deep%20URL.pdf - Third Party Advisory
References () https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html - () https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html - Product
Summary
  • (es) SourceCodester Best House Rental Management System v1.0 es vulnerable a un control de acceso incorrecto a través de /rental/paid_report.php, /rental/balance_report.php, /rental/invoices.php, /rental/tenants.php y /rental/users.php.
CPE cpe:2.3:a:mayurik:best_house_rental_management_system:1.0:*:*:*:*:*:*:*
First Time Mayurik best House Rental Management System
Mayurik
CWE NVD-CWE-Other

13 Aug 2024, 01:13

Type Values Removed Values Added
CWE CWE-284
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3

12 Aug 2024, 13:41

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-12 13:38

Updated : 2024-08-15 13:40


NVD link : CVE-2024-40475

Mitre link : CVE-2024-40475

CVE.ORG link : CVE-2024-40475


JSON object : View

Products Affected

mayurik

  • best_house_rental_management_system
CWE
NVD-CWE-Other CWE-284

Improper Access Control