How severe is CVE-2024-42774?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-42774?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2024-42774

HIGH Year: 2024

CVSS v3 Score

7.5

High

Weakness Type

CWE-269

View all →

Vulnerability Description

An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section.

CVE-2012-1563

HIGH

CVSS:7.5(High)

Joomla! before 2.5.3 allows Admin Account Creation.

CWE-2692012

CVE-2012-5663

HIGH

CVSS:7.5(High)

The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).

CWE-2692012

CVE-2015-8467

HIGH

CVSS:7.5(High)

The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative ...

CWE-2692015

CVE-2017-16520

HIGH

CVSS:7.5(High)

Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners.

CWE-2692017

CVE-2017-5722

HIGH

CVSS:7.5(High)

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enfor...

CWE-2692017

CVE-2017-7803

HIGH

CVSS:7.5(High)

When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbir...

CWE-2692017

CVE-2024-42774

Vulnerability Description

Related Vulnerabilities

CVE-2012-1563

CVE-2012-5663

CVE-2015-8467

CVE-2017-16520

CVE-2017-5722

CVE-2017-7803