CVE-2022-36202

Опубликовано: 31 авг. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.

Ссылки

http://hshnudr.com
Not Applicable
URL Repurposed
https://github.com/aznull/CVEs
Third Party Advisory
https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html
Product
http://hshnudr.com
Not Applicable
URL Repurposed
https://github.com/aznull/CVEs
Third Party Advisory
https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:doctor\'s_appointment_system_project:doctor\'s_appointment_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00412

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-m6pw-38q3-7wrw