CVE-2022-36202

CVE-2022-36202

EPSS 0.9%

Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://hshnudr.com https://github.com/aznull/CVEs https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html