Mayurik Best House Rental Management System vulnerabilities

CVE-2025-12853 [MEDIUM] CWE-74 CVE-2025-12853: A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affec A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

CVE-2025-12614 [MEDIUM] CWE-74 CVE-2025-12614: A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted i A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-12598 [MEDIUM] CWE-74 CVE-2025-12598: A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this is A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Other parameters might be aff

CVE-2025-12597 [MEDIUM] CWE-74 CVE-2025-12597: A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

CVE-2025-12208 [MEDIUM] CWE-74 CVE-2025-12208: A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts th A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

CVE-2025-12226 [MEDIUM] CWE-74 CVE-2025-12226: A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

CVE-2024-12357 [MEDIUM] CWE-73 CVE-2024-12357: A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified a A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used

CVE-2024-11860 [MEDIUM] CWE-266 CVE-2024-11860: A vulnerability classified as critical has been found in SourceCodester Best House Rental Management A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=delete_tenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization. It is possible to initiate the attack remotely. The

CVE-2024-11742 [MEDIUM] CWE-79 CVE-2024-11742: A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Re A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=save_tenant. The manipulation of the argument lastname/firstname/middlename leads to cross site scripting. The attack may be initiated remotely.

CVE-2024-11743 [MEDIUM] CWE-352 CVE-2024-11743: A vulnerability, which was classified as problematic, was found in SourceCodester Best House Rental A vulnerability, which was classified as problematic, was found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /rental/ajax.php?action=delete_user of the component POST Request Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploi

CVE-2024-48579 [CRITICAL] CWE-94 CVE-2024-48579: SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a rem SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a remote attacker to execute arbitrary code via the username parameter of the login request.

CVE-2024-10349 [MEDIUM] CWE-89 CVE-2024-10349: A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified a A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. Affected by this issue is the function delete_tenant of the file /ajax.php?action=delete_tenant. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a

CVE-2024-10348 [MEDIUM] CWE-79 CVE-2024-10348: A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been cla A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name leads to cross site scripting. It is possible to initiate

CVE-2024-9039 [MEDIUM] CWE-89 CVE-2024-9039: A vulnerability, which was classified as critical, has been found in SourceCodester Best House Renta A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=signup. The manipulation of the argument firstname/lastname/email leads to sql injection. The attack may be launched remotely. The exploit has been

CVE-2024-9033 [MEDIUM] CWE-79 CVE-2024-9033: A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classif A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_category. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The exploit has been disc

CVE-2024-9041 [MEDIUM] CWE-89 CVE-2024-9041: A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classif A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=update_account. The manipulation of the argument firstname/lastname/email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed t

CVE-2024-46377 [CRITICAL] CWE-434 CVE-2024-46377: Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_ Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_settings() function of the file rental/admin_class.php.

CVE-2024-46375 [CRITICAL] CWE-22 CVE-2024-46375: Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signu Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup() function of the file rental/admin_class.php.

CVE-2024-46374 [CRITICAL] CWE-89 CVE-2024-46374: Best House Rental Management System 1.0 contains a SQL injection vulnerability in the delete_categor Best House Rental Management System 1.0 contains a SQL injection vulnerability in the delete_category() function of the file rental/admin_class.php.

CVE-2024-46376 [CRITICAL] CWE-22 CVE-2024-46376: Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the updat Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the update_account() function of the file rental/admin_class.php.