Описание
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00186
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it.
EPSS
Процентиль: 41%
0.00186
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-434