CVE-2025-12853

CWE-74 CWE-89 — SQL Injection3 documents3 sources

Severity

5.1MEDIUM

EPSS

0.0%

top 95.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Best House Rental Management System Mayurik Best House Rental Management System

Timeline

PublishedNov 7

Description

A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/best_house_rental_management_system1.0

▶NVDmayurik/best_house_rental_management_system1.0

🔴Vulnerability Details

GHSA

GHSA-7wcr-q663-xpqj: A vulnerability was determined in SourceCodester Best House Rental Management System 1↗2025-11-07

▶

CVEList

SourceCodester Best House Rental Management System admin_class.php delete_house sql injection↗2025-11-07

▶