ГлавнаяУязвимости → CVE-2020-26629
9.8критическая

CVE-2020-26629

Описание

A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.

Затрагиваемое ПО
Phpgurukul Hospital management system
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://packetstormsecurity.com/files/176302/Hospital-Management-System-4.0-XSS-Shell-Upload-SQL-Injection.htmlhttps://packetstormsecurity.com/files/176302/Hospital-Management-System-4.0-XSS-Shell-Upload-SQL-Injection.html