PT-2026-29194 · Sourcecodester · Simple Doctors Appointment System
Dyh18
·
Published
2026-03-31
·
Updated
2026-03-31
·
CVE-2026-5181
CVSS v2.0
6.5
Medium
| AV:N/AC:L/Au:S/C:P/I:P/A:P |
A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctors appointment/admin/ajax.php?action=save category. Such manipulation of the argument img leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Exploit
Fix
Improper Access Control
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Simple Doctors Appointment System