CVE-2022-38946

Name of the Vulnerable Software and Affected Versions Doctor-Appointment version 1.0

Description The issue allows attackers to execute arbitrary code due to an arbitrary file upload vulnerability in the /Frontend/signup com.php endpoint. This vulnerability enables attackers to upload malicious files, potentially leading to code execution.

Recommendations For Doctor-Appointment version 1.0, consider disabling the file upload functionality in the /Frontend/signup com.php endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using this endpoint for file uploads until the issue is resolved.