Online House Rental System
Monthly
SQL injection in itsourcecode Online House Rental System 1.0 allows remote unauthenticated attackers to manipulate the 'ID' parameter of /manage_tenant.php to inject arbitrary SQL queries against the backend database. Publicly available exploit code exists (disclosed via GitHub issue tracker and indexed by VulDB), making opportunistic exploitation feasible against any internet-exposed instance. The vulnerability impacts a PHP-based property management application typically deployed by small landlords or as a learning/demonstration project.
A vulnerability was found in itsourcecode Online House Rental System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in itsourcecode Online House Rental System 1.0 allows remote unauthenticated attackers to manipulate the 'ID' parameter of /manage_tenant.php to inject arbitrary SQL queries against the backend database. Publicly available exploit code exists (disclosed via GitHub issue tracker and indexed by VulDB), making opportunistic exploitation feasible against any internet-exposed instance. The vulnerability impacts a PHP-based property management application typically deployed by small landlords or as a learning/demonstration project.
A vulnerability was found in itsourcecode Online House Rental System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.