CVE-2024-40576

Cross Site Scripting vulnerability in Best House Rental Management System 1.0 allows a remote attacker to execute arbitrary code via the "House No" and "Description" parameters in the houses page at the index.php component.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mayurik:best_house_rental_management_system:1.0:*:*:*:*:*:*:*

History

06 May 2025, 16:42

Type Values Removed Values Added
CPE cpe:2.3:a:mayurik:best_house_rental_management_system:1.0:*:*:*:*:*:*:*
First Time Mayurik
Mayurik best House Rental Management System
References () https://github.com/jubilianite/CVEs/blob/main/CVE-2024-40576.md - () https://github.com/jubilianite/CVEs/blob/main/CVE-2024-40576.md - Exploit, Third Party Advisory
References () https://github.com/jubilianite/CVEs/security/advisories/GHSA-674x-j9wj-qvpp - () https://github.com/jubilianite/CVEs/security/advisories/GHSA-674x-j9wj-qvpp - Exploit, Third Party Advisory
References () https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html - () https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html - Product

21 Nov 2024, 09:31

Type Values Removed Values Added
References () https://github.com/jubilianite/CVEs/blob/main/CVE-2024-40576.md - () https://github.com/jubilianite/CVEs/blob/main/CVE-2024-40576.md -
References () https://github.com/jubilianite/CVEs/security/advisories/GHSA-674x-j9wj-qvpp - () https://github.com/jubilianite/CVEs/security/advisories/GHSA-674x-j9wj-qvpp -
References () https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html - () https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html -

01 Aug 2024, 13:57

Type Values Removed Values Added
CWE CWE-79
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.7

30 Jul 2024, 22:15

Type Values Removed Values Added
References
  • () https://github.com/jubilianite/CVEs/security/advisories/GHSA-674x-j9wj-qvpp -
Summary
  • (es) Vulnerabilidad de Cross Site Scripting en Best House Rental Management System 1.0 permite a un atacante remoto ejecutar código arbitrario a través de los parámetros "House No" y "Description" en la página de casas en el componente index.php.

29 Jul 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-29 14:15

Updated : 2025-05-06 16:42


NVD link : CVE-2024-40576

Mitre link : CVE-2024-40576

CVE.ORG link : CVE-2024-40576


JSON object : View

Products Affected

mayurik

  • best_house_rental_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')