CVE-2024-4294

Name of the Vulnerable Software and Affected Versions PHPGurukul Doctor Appointment Management System version 1.0

Description A critical issue has been found in the PHPGurukul Doctor Appointment Management System, affecting some unknown functionality of the file /doctor/view-appointment-detail.php. The manipulation of the editid argument leads to improper control of resource identifiers. The attack can be launched remotely. The issue has been publicly disclosed and may be exploited.

Recommendations For PHPGurukul Doctor Appointment Management System version 1.0, as a temporary workaround, consider restricting access to the /doctor/view-appointment-detail.php file until a patch is available. Avoid using the editid argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.