RSS   Vulnerabilities for
'Simple doctor\'s appointment system'
   RSS

2022-05-04
 
CVE-2022-28568

CWE-434
 

 
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.

 


Copyright 2024, cxsecurity.com

 

Back to Top