Back

CVE-2024-40476

Aug. 12, 2024, 1:41 p.m.

Undergoing Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

Products

SourceCodester Best House Rental Management System

  • 1.0

Source

cve@mitre.org

Tags

cve@mitre.org
2024-08-12
CVE-2024-40476

CVE-2024-40476 details

Published : Aug. 12, 2024, 1:38 p.m.
Last Modified : Aug. 12, 2024, 1:41 p.m.

Description

A Cross-Site Request Forgery (CSRF) vulnerability was found in SourceCodester Best House Rental Management System v1.0. This could lead to an attacker tricking the administrator into adding/modifying/deleting valid tenant data via a crafted HTML page, as demonstrated by a Delete Tenant action at the /rental/ajax.php?action=delete_tenant.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://github.com/takekaramey/CVE_Writeup/blob/main/Sourcecodester/Best%20House%20Rental%20Management%20System%20v1.0/CSRF.pdf cve@mitre.org
https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.