CVE-2024-11860

6.5 MEDIUM

📋 TL;DR

This vulnerability (CVSS 6.5, MEDIUM) in SourceCodester Best House Rental Management System 1.0 allows unauthorized deletion of tenant records via a POST request to /rental/ajax.php with a manipulated 'id' parameter. It can be exploited remotely without authentication. All deployments of version 1.0 are affected.

💻 Affected Systems

Products:
  • SourceCodester Best House Rental Management System
Versions: 1.0
Operating Systems: Any OS running a PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete tenant database compromise with mass deletion of tenant records, disrupting rental operations and causing data loss.

🟠 Likely Case

Targeted deletion of specific tenant records by attackers, leading to operational disruption and potential data integrity issues.

🟢 If Mitigated

Unauthorized access attempts are logged and blocked by proper authorization controls.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects web-facing applications.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this if they have network access to the system.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub and require only HTTP POST request manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Web Application Firewall Rule (platform: all)

Block or monitor POST requests to /rental/ajax.php with action=delete_tenant. WAF-specific configuration required.

File Access Restriction (platform: linux)

Restrict access to ajax.php or implement proper authentication checks:

chmod 600 /path/to/rental/ajax.php

Note that mode 600 leaves the file readable only by its owner, so unless the web server runs as that user this takes the whole ajax.php endpoint (not just delete_tenant) out of service.

Add an authentication check at the top of ajax.php, so that delete_tenant is only processed for a logged-in, authorized user.

🧯 If You Can't Patch

  • Implement strong authentication and authorization checks before processing delete_tenant actions
  • Deploy the system behind a reverse proxy with request validation and rate limiting

🔍 How to Verify

Check if Vulnerable:

Test if POST request to /rental/ajax.php?action=delete_tenant with arbitrary id parameter succeeds without proper authentication

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that unauthorized POST requests to delete_tenant endpoint are rejected with proper error messages

📡 Detection & Monitoring

Log Indicators:

  • Multiple POST requests to /rental/ajax.php with action=delete_tenant
  • Unauthorized access attempts to tenant deletion endpoint

Network Indicators:

  • HTTP POST requests to /rental/ajax.php with delete_tenant action from unexpected sources

SIEM Query:

source="web_server" AND uri="/rental/ajax.php" AND method="POST" AND params.action="delete_tenant"
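The same filter as the SIEM query above, run offline over access-log lines so it can be checked without a SIEM. This is an added example, not part of the advisory: the log lines are constructed, and the trusted-source set and burst threshold are assumed site-specific tuning values.

```python
import re
from collections import Counter

# Constructed combined-format access log lines (not from a real system). The action name
# is visible here because the advisory describes it being passed in the query string.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Nov/2024:13:55:36 +0000] "POST /rental/ajax.php?action=delete_tenant HTTP/1.1" 200 17 "-" "curl/8.4.0"
203.0.113.10 - - [10/Nov/2024:13:55:37 +0000] "POST /rental/ajax.php?action=delete_tenant HTTP/1.1" 200 17 "-" "curl/8.4.0"
203.0.113.10 - - [10/Nov/2024:13:55:38 +0000] "POST /rental/ajax.php?action=delete_tenant HTTP/1.1" 200 17 "-" "curl/8.4.0"
192.0.2.5 - - [10/Nov/2024:14:01:02 +0000] "POST /rental/ajax.php?action=delete_tenant HTTP/1.1" 200 17 "https://rental.example/rental/admin/" "Mozilla/5.0"
192.0.2.5 - - [10/Nov/2024:14:02:10 +0000] "GET /rental/ajax.php?action=get_tenant HTTP/1.1" 200 420 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Nov/2024:14:05:00 +0000] "POST /rental/ajax.php?action=delete_tenant HTTP/1.1" 200 17 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def parse_log(text: str) -> list:
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    return [m.groupdict() for m in map(LOG_RE.match, text.splitlines()) if m]

def is_delete_tenant(entry: dict) -> bool:
    """The request shape from the SIEM query: POST to /rental/ajax.php with action=delete_tenant."""
    path, _, query = entry["path"].partition("?")
    params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
    return entry["method"] == "POST" and path == "/rental/ajax.php" and params.get("action") == "delete_tenant"

def find_suspicious(text: str, trusted_sources: set, burst_threshold: int = 3) -> dict:
    """Per-client alerts for delete_tenant requests: {ip: [reasons]}.
    trusted_sources and burst_threshold are assumed site-specific tuning, not advisory values."""
    hits = [e for e in parse_log(text) if is_delete_tenant(e)]
    per_ip = Counter(e["ip"] for e in hits)
    alerts = {}
    for ip, count in per_ip.items():
        reasons = []
        if ip not in trusted_sources:
            reasons.append("untrusted source")
        if count >= burst_threshold:
            reasons.append(f"{count} deletions in log window")
        if reasons:
            alerts[ip] = reasons
    return alerts

if __name__ == "__main__":
    for ip, reasons in find_suspicious(SAMPLE_LOG, {"192.0.2.5"}).items():
        print(ip, "->", ", ".join(reasons))
```

If the application carries action in the POST body instead of the query string, plain access logs will not contain it and the same filter has to run on WAF or application logs instead.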

🔗 References
