CVE-2024-39210

2024-07-0500:00:00

mitre

github.com

arbitrary file read

php files

sensitive information

AI Score

7.1

Confidence

High

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP files and access other sensitive information within the application.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:best_house_rental_management_system:best_house_rental_management_system:1.0:*:*:*:*:*:*:*"
    ],
    "vendor": "best_house_rental_management_system",
    "product": "best_house_rental_management_system",
    "versions": [
      {
        "status": "affected",
        "version": "1.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

github.com/KRookieSec/CVE-2024-39210