CVE-2024-39210

HIGH

Best House Rental Management System < 1.0 - Arbitrary File Read via Page Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-39210. PoCs published by KRookieSec.

AI-analyzed exploit summary The repository describes an arbitrary file read vulnerability in Best House Rental Management System v1.0 via the 'Page' parameter in index.php, allowing attackers to read sensitive files. However, it lacks exploit code or technical details like affected functions or patch analysis.

Description

Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP files and access other sensitive information within the application.

Exploits (1)

nomisec WRITEUP 1 stars
by KRookieSec · poc
https://github.com/KRookieSec/CVE-2024-39210

The repository describes an arbitrary file read vulnerability in Best House Rental Management System v1.0 via the 'Page' parameter in index.php, allowing attackers to read sensitive files. However, it lacks exploit code or technical details like affected functions or patch analysis.

Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Best House Rental Management System v1.0
No auth needed
Prerequisites: Access to the vulnerable application
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0084
EPSS Percentile 53.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-200
Status published
Products (1)
mayurik/best_house_rental_management_system < 1.0
Published Jul 05, 2024
Tracked Since Feb 18, 2026