Vulnerability Details CVE-2023-43958
An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload any file to the server and execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v3 Score 9.8
References
- https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e
- https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e?pvs=4
Products affected by CVE-2023-43958
-
cpe:2.3:a:kishan0725:hospital_management_system:4.0