PT-2022-16551 · Unknown · Hospital'S Patient Records Management System

Published

2022-02-24

Updated

2022-03-03

CVE-2022-24232

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hospital Patient Record Management System version 1.0

Description A local file inclusion issue allows attackers to execute arbitrary code via a crafted PHP file.

Recommendations For Hospital Patient Record Management System version 1.0, consider removing or restricting access to crafted PHP files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-829

Related Identifiers

CVE-2022-24232

Affected Products

Hospital'S Patient Records Management System

PT-2022-16551 · Unknown · Hospital'S Patient Records Management System

CVE-2022-24232

Weakness Enumeration

Related Identifiers

Affected Products

References · 4