CVE-2024-2917

Description

A vulnerability was found in Campcodes House Rental Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257983.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

Campcodes / House Rental Management System1.0 – 1.0

References

MISChttps://vuldb.com/?id.257983
MISChttps://vuldb.com/?ctiid.257983
MISChttps://vuldb.com/?submit.303672
MISChttps://github.com/E1CHO/cve_hub/blob/main/House%20Rental%20Management%20System%20-%20vuln%202.pdf