CVE-2025-12597

The CVE-2025-12597 entry concerns SourceCodester Best House Rental Management System 1.0. The vulnerability resides in the function save_category in the file /admin_class.php, where manipulation of the Name argument enables SQL injection. The issue is exploitable remotely and, according to connec...

CVE-2025-12597 SourceCodester Best House Rental Management System admin_class.php save_category sql injection

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function savecategory of the file /adminclass.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit...

CVE-2025-12208

SourceCodester Best House Rental Management System 1.0 is affected by a SQL injection in the login2 function of /admin_class.php, caused by improper handling of the Username argument. The vulnerability allows remote exploitation, and public proof-of-concept exploits exist. Red Hat/EUVD/NVD refere...

CVE-2024-11860

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...

SourceCodester Best House Rental Management System 跨站脚本漏洞

SourceCodester Best House Rental Management System is a house rental management system from SourceCodester, Inc. A cross-site scripting vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which originates from a cross-site scripting vulnerability in the lastnam...

CVE-2024-40476

A Cross-Site Request Forgery CSRF vulnerability was found in SourceCodester Best House Rental Management System v1.0. This could lead to an attacker tricking the administrator into adding/modifying/deleting valid tenant data via a crafted HTML page, as demonstrated by a Delete Tenant action at th...