CVE-2024-10349 – SourceCodester Best House Rental Management System ajax.php delete_tenant sql injection
https://notcve.org/view.php?id=CVE-2024-10349
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. Affected by this issue is the function delete_tenant of the file /ajax.php?action=delete_tenant. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. • https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/house-rentalmanagement-system1.md https://vuldb.com/?ctiid.281696 https://vuldb.com/?id.281696 https://vuldb.com/?submit.427472 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10348 – SourceCodester Best House Rental Management System Manage Tenant Details index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10348
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name leads to cross site scripting. • https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/house-rental-management-system.md https://vuldb.com/?ctiid.281697 https://vuldb.com/?id.281697 https://vuldb.com/?submit.427471 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-9041 – SourceCodester Best House Rental Management System ajax.php sql injection
https://notcve.org/view.php?id=CVE-2024-9041
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=update_account. The manipulation of the argument firstname/lastname/email leads to sql injection. The attack can be initiated remotely. • https://vuldb.com/?id.278212 https://vuldb.com/?ctiid.278212 https://vuldb.com/?submit.411502 https://github.com/para-paradise/webray.com.cn/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Best%20house%20rental%20management%20system%20update_account%20time-based%20SQL%20Injection%20Vulnerability.md https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9039 – SourceCodester Best House Rental Management System ajax.php sql injection
https://notcve.org/view.php?id=CVE-2024-9039
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=signup. The manipulation of the argument firstname/lastname/email leads to sql injection. The attack may be launched remotely. • https://github.com/para-paradise/webray.com.cn/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Best%20house%20rental%20management%20system%20signup%20time-based%20SQL%20Injection%20Vulnerability.md https://vuldb.com/?ctiid.278210 https://vuldb.com/?id.278210 https://vuldb.com/?submit.411471 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9033 – SourceCodester Best House Rental Management System ajax.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-9033
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_category. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. • https://github.com/para-paradise/webray.com.cn/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Best%20house%20rental%20management%20system%20project%20in%20php%20Stored%20Cross-Site%20Scripting(XSS)%20vulnerability.md https://vuldb.com/?ctiid.278203 https://vuldb.com/?id.278203 https://vuldb.com/?submit.410977 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •