Zhang Fumao

1 exploit Active since Oct 2025
CVE-2025-12226 WRITEUP MEDIUM WRITEUP
Best House Rental Management System 1.0 - SQL Injection via house_no Parameter in save_house Function
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
CVSS 4.7