CVE-2026-12775

HIGH 7.3

Montodel House-Rental-Management login.php sql injection

CVSS Score

7.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability was detected in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-89 CWE-74
Vendor	montodel
Product	house-rental-management
Published	Jun 21, 2026

Stay Ahead of the Next One

Get instant alerts for montodel house-rental-management

Be the first to know when new high vulnerabilities affecting montodel house-rental-management are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Montodel / House-Rental-Management

90010017b81265eb1ef3810268909f7719a33863

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/372517 vuldb.com: https://vuldb.com/vuln/372517/cti vuldb.com: https://vuldb.com/cve/CVE-2026-12775 vuldb.com: https://vuldb.com/submit/835036 github.com: https://github.com/yihaofuweng/cve/issues/67

Credits

🔍 yingxiujie (VulDB User) VulDB CNA Team