CVE-2024-3697: Campcodes House Rental Management System manage_tenant.php sql injection
First published: Fri Apr 12 2024(Updated: )
A vulnerability was found in Campcodes House Rental Management System 1.0. It has been classified as critical. Affected is an unknown function of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260484.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Campcodes House Rental Management System | ||
| =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-3697?
CVE-2024-3697 has been classified as a critical vulnerability.
What type of vulnerability is CVE-2024-3697?
CVE-2024-3697 is classified as a SQL injection vulnerability.
How does CVE-2024-3697 affect the Campcodes House Rental Management System?
CVE-2024-3697 affects an unknown function in the manage_tenant.php file, where manipulation of the 'id' argument can lead to SQL injection.
Can CVE-2024-3697 be exploited remotely?
Yes, CVE-2024-3697 can be exploited remotely.
How do I fix CVE-2024-3697?
To resolve CVE-2024-3697, ensure proper sanitization and validation of user input in the manage_tenant.php file, particularly the 'id' argument.
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- vendor/campcodes
- canonical/campcodes house rental management system