VDB-290816 · CVE-2024-13211 · GCVE-100-290816

SingMR HouseRent 1.0 AdminController.java ebisanyizo ebyongerwako

Obulabe obwategekeddwa nga ekikulu nnyo busingiddwa mu SingMR HouseRent 1.0. Ekikosebwa kye ekikozesebwa ekitamanyiddwa ku fayiro src/main/java/com/house/wym/controller/AdminController.java. Okukola ku kivaamu ebisanyizo ebyongerwako. Okukozesa CWE mu kulaga ensonga kireetera CWE-284. Obulemu buno bwalangirirwa ku 08/01/2025 nga Unauthorized access to HouseRent exists #12. Obubaka buno busangibwa ku github.com okuddownloadinga. Obunafu buno bwategeerekebwa nga CVE-2024-13211. Attack eyinza okutandikibwa okuva ku kyali wala. Obubaka obw'ekikugu bufuniddwa. Wadde era waliwo ekikozesebwa ekirabikako. Obukodyo buno bwategeezeddwa mu lujjudde era buyinza okukozesebwa. Kati ekikadde ekisoboka ku mutengo gw’ekikozesebwa kiyinza okuba nga kisoba mu USD $0-$5k mu kiseera kino. Kyakakasiddwa nga ebikakasa eby'okukakasa obusobozi. Osobola okufuna exploit ng'ogenda ku github.com. Okusinziira ku 0-day, omuwendo ogwabalirirwako mu kifo ky’obutali mu mateeka gwali wa $0-$5k. If you want to get best quality of vulnerability data, you may have to visit VulDB.

4 Okukyuusa · 97 Obubonero bw'ebikwata ku byuma

Ekibanja	Kikolebwa 08/01/2025 17:59	Okukozesa enkola empya 1/3 09/01/2025 13:53	Okukozesa enkola empya 2/3 09/01/2025 14:56	Okukozesa enkola empya 3/3 15/10/2025 23:09
software_vendor	SingMR	SingMR	SingMR	SingMR
software_name	HouseRent	HouseRent	HouseRent	HouseRent
software_version	1.0	1.0	1.0	1.0
software_file	src/main/java/com/house/wym/controller/AdminController.java	src/main/java/com/house/wym/controller/AdminController.java	src/main/java/com/house/wym/controller/AdminController.java	src/main/java/com/house/wym/controller/AdminController.java
vulnerability_cwe	CWE-284 (ebisanyizo ebyongerwako)	CWE-284 (ebisanyizo ebyongerwako)	CWE-284 (ebisanyizo ebyongerwako)	CWE-284 (ebisanyizo ebyongerwako)
vulnerability_risk	2	2	2	2
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	L	L	L	L
cvss3_vuldb_i	L	L	L	L
cvss3_vuldb_a	L	L	L	L
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_identifier	Unauthorized access to HouseRent exists #12	Unauthorized access to HouseRent exists #12	Unauthorized access to HouseRent exists #12	Unauthorized access to HouseRent exists #12
advisory_url	https://github.com/SingMR/HouseRent/issues/12	https://github.com/SingMR/HouseRent/issues/12	https://github.com/SingMR/HouseRent/issues/12	https://github.com/SingMR/HouseRent/issues/12
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://github.com/SingMR/HouseRent/issues/12#issue-2762124045	https://github.com/SingMR/HouseRent/issues/12#issue-2762124045	https://github.com/SingMR/HouseRent/issues/12#issue-2762124045	https://github.com/SingMR/HouseRent/issues/12#issue-2762124045
source_cve	CVE-2024-13211	CVE-2024-13211	CVE-2024-13211	CVE-2024-13211
cna_responsible	VulDB	VulDB	VulDB	VulDB
cvss4_vuldb_ac	L	L	L	L
cvss4_vuldb_ui	N	N	N	N
cvss4_vuldb_vc	L	L	L	L
cvss4_vuldb_vi	L	L	L	L
cvss4_vuldb_va	L	L	L	L
cvss4_vuldb_e	P	P	P	P
cvss2_vuldb_au	S	S	S	S
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_pr	L	L	L	L
cvss3_vuldb_rl	X	X	X	X
cvss4_vuldb_at	N	N	N	N
cvss4_vuldb_pr	L	L	L	L
cvss4_vuldb_sc	N	N	N	N
cvss4_vuldb_si	N	N	N	N
cvss4_vuldb_sa	N	N	N	N
cvss2_vuldb_basescore	6.5	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	6.3	7.1
cvss3_meta_tempscore	5.7	6.0	6.0	6.9
cvss4_vuldb_bscore	5.3	5.3	5.3	5.3
cvss4_vuldb_btscore	2.1	2.1	2.1	2.1
advisory_date	1736290800 (08/01/2025)	1736290800 (08/01/2025)	1736290800 (08/01/2025)	1736290800 (08/01/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_ci	P	P	P	P
cvss2_vuldb_ii	P	P	P	P
cvss2_vuldb_ai	P	P	P	P
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N
cve_nvd_summary		A vulnerability was found in SingMR HouseRent 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/main/java/com/house/wym/controller/AdminController.java. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	A vulnerability was found in SingMR HouseRent 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/main/java/com/house/wym/controller/AdminController.java. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	A vulnerability was found in SingMR HouseRent 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/main/java/com/house/wym/controller/AdminController.java. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
cvss4_cna_av		N	N	N
cvss4_cna_ac		L	L	L
cvss4_cna_at		N	N	N
cvss4_cna_pr		L	L	L
cvss4_cna_ui		N	N	N
cvss4_cna_vc		L	L	L
cvss4_cna_vi		L	L	L
cvss4_cna_va		L	L	L
cvss4_cna_sc		N	N	N
cvss4_cna_si		N	N	N
cvss4_cna_sa		N	N	N
cvss4_cna_bscore		5.3	5.3	5.3
cvss3_cna_av		N	N	N
cvss3_cna_ac		L	L	L
cvss3_cna_pr		L	L	L
cvss3_cna_ui		N	N	N
cvss3_cna_s		U	U	U
cvss3_cna_c		L	L	L
cvss3_cna_i		L	L	L
cvss3_cna_a		L	L	L
cvss3_cna_basescore		6.3	6.3	6.3
cvss2_cna_av		N	N	N
cvss2_cna_ac		L	L	L
cvss2_cna_au		S	S	S
cvss2_cna_ci		P	P	P
cvss2_cna_ii		P	P	P
cvss2_cna_ai		P	P	P
cvss2_cna_basescore		6.5	6.5	6.5
cve_nvd_summaryes			Se ha encontrado una vulnerabilidad en SingMR HouseRent 1.0. Se ha calificado como crítica. Este problema afecta a algunas funciones desconocidas del archivo src/main/java/com/house/wym/controller/AdminController.java. La manipulación conduce a controles de acceso inadecuados. El ataque puede ejecutarse de forma remota. El exploit se ha hecho público y puede utilizarse.	Se ha encontrado una vulnerabilidad en SingMR HouseRent 1.0. Se ha calificado como crítica. Este problema afecta a algunas funciones desconocidas del archivo src/main/java/com/house/wym/controller/AdminController.java. La manipulación conduce a controles de acceso inadecuados. El ataque puede ejecutarse de forma remota. El exploit se ha hecho público y puede utilizarse.
cvss3_nvd_av				N
cvss3_nvd_ac				L
cvss3_nvd_pr				L
cvss3_nvd_ui				N
cvss3_nvd_s				U
cvss3_nvd_c				H
cvss3_nvd_i				H
cvss3_nvd_a				H
cvss3_nvd_basescore				8.8

◂ Ddaabayo Okusaba Kw'ebintu Byonna Genda mu maaso ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!