Unrestricted Upload of Dangerous File Type Vulnerability in Hospital Management System v1.0

Unrestricted Upload of Dangerous File Type Vulnerability in Hospital Management System v1.0

CVE-2022-24136 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it.

Learn more about our Web Application Penetration Testing UK.