qi_nice

3 exploits Active since Nov 2025
CVE-2025-12597 WRITEUP MEDIUM WRITEUP
SourceCodester Best House Rental Management System 1.0 - SQL Injection
A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.
CVSS 4.7
CVE-2025-12598 WRITEUP MEDIUM WRITEUP
SourceCodester Best House Rental Management System 1.0 - SQL Injection
A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Other parameters might be affected as well.
CVSS 4.7
CVE-2025-12614 WRITEUP MEDIUM WRITEUP
SourceCodester Best House Rental Management System 1.0 - SQL Injection
A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
CVSS 4.7