CVE-2024-8610

🗓️ 09 Sep 2024 20:31:05Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 40 Views🌐 WEB

Vulnerability in SourceCodester House Rental Syste

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-8610	10 Sep 202400:00	–	circl
CNNVD	SourceCodester Best House Rental Management System 跨站脚本漏洞	9 Sep 202400:00	–	cnnvd
Cvelist	CVE-2024-8610 SourceCodester Best House Rental Management System New Tenant Page index.php cross site scripting	9 Sep 202420:31	–	cvelist
EUVD	EUVD-2024-49295	3 Oct 202520:07	–	euvd
NVD	CVE-2024-8610	9 Sep 202421:15	–	nvd
Positive Technologies	PT-2024-39131 · Sourcecodester · Sourcecodester Best House Rental Management System	9 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-8610	23 May 202508:28	–	redhatcve
Vulnrichment	CVE-2024-8610 SourceCodester Best House Rental Management System New Tenant Page index.php cross site scripting	9 Sep 202420:31	–	vulnrichment

NVD

Vulners

Node

mayurik best_house_rental_management_systemMatch1.0

[
  {
    "vendor": "SourceCodester",
    "product": "Best House Rental Management System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ],
    "modules": [
      "New Tenant Page"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
sourcecodester	www.sourcecodester.com/
drive	www.drive.google.com/file/d/1mB2ZNyWJDqJaZZro4qiMqovRO_qo4pss/view
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
Last Name	query param	/index.php?page=tenants	Reflected XSS via manipulation of tenant name fields on the Tenants page.	CWE-79
First Name	query param	/index.php?page=tenants	Reflected XSS via manipulation of tenant name fields on the Tenants page.	CWE-79
Middle Name	query param	/index.php?page=tenants	Reflected XSS via manipulation of tenant name fields on the Tenants page.	CWE-79

17 Sep 2024 18:48Current

4Medium risk

Vulners AI Score4

CVSS 3.13.5 - 5.4

CVSS 24

CVSS 45.3

CVSS 33.5

EPSS0.0007

SSVC

CWE-79