Vulnerability Details CVE-2022-40471
Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php
Exploit prediction scoring system (EPSS) score
EPSS Score 0.881
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 9.8
References
- https://drive.google.com/file/d/1m-wTfOL5gY3huaSEM3YPSf98qIrkl-TW/view?usp=sharing
- https://github.com/RashidKhanPathan/CVE-2022-40471
- https://www.sourcecodester.com/php-clinics-patient-management-system-source-code
- https://drive.google.com/file/d/1m-wTfOL5gY3huaSEM3YPSf98qIrkl-TW/view?usp=sharing
- https://github.com/RashidKhanPathan/CVE-2022-40471
- https://www.sourcecodester.com/php-clinics-patient-management-system-source-code
Products affected by CVE-2022-40471
-
cpe:2.3:a:oretnom23:clinic's_patient_management_system:1.0