exploitDog

CVE-2023-31498

Опубликовано: 11 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter.

Ссылки

https://gist.github.com/captain-noob/aff11542477ddd0a92ad8b94ec75f832
Exploit
Mitigation
Third Party Advisory
https://github.com/captain-noob
Not Applicable
https://twitter.com/captain__noob
Not Applicable
https://gist.github.com/captain-noob/aff11542477ddd0a92ad8b94ec75f832
Exploit
Mitigation
Third Party Advisory
https://github.com/captain-noob
Not Applicable
https://twitter.com/captain__noob
Not Applicable

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.09118

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-384

CWE-384

Связанные уязвимости

GHSA-gvqg-qrvh-38g6

CVSS3: 9.8

github

больше 2 лет назад

A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter.

EPSS

Процентиль: 92%

0.09118

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-384

CWE-384