Lucene search
China National Vulnerability DatabaseCNVD-2023-11425HistoryFeb 21, 2023 - 12:00 a.m.
Pharmacy Management System Arbitrary File Upload Vulnerability
2023-02-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
pharmacy management system
arbitrary file upload
mpms
mayuri k
avatar image handler
file validation
remote code execution
cnvd
0.001 Low
EPSS
Percentile
51.1%
Pharmacy Management System (MPMS) is a multi-lingual pharmacy management system developed by Mayuri K. The Pharmacy Management System v1.0 version is vulnerable to arbitrary file uploads due to a lack of validation of uploaded files in the add.php file of the component Avatar Image Handler. php file in the component Avatar Image Handler lacks validation for uploaded files, which can be exploited to upload malicious files and remotely execute arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pharmacy management system pharmacy management system v | eq | 1.0 |
Related
prion
prion
Out-of-bounds
2023-02-19 09:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-0918
2023-02-19 09:15:11
cve
cve
CVE-2023-0918
2023-02-19 09:15:11