5 matches found
CVE-2024-0264
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The...
Clinic Queuing System 1.0 Remote Code Execution
Exploit Title: Clinic Queuing System 1.0 RCE Date: 2024/1/7 Exploit Author: Juan Marco Sanchez Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html Version: 1.0 Tested on...
Clinic Queuing System 1.0 - Remote Code Execution Exploit
Exploit Title: Clinic Queuing System 1.0 RCE Exploit Author: Juan Marco Sanchez Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html Version: 1.0 Tested on: Debian Linux...
CVE-2024-0264
creationtimestamp| type| source ---|---|--- 2024-01-07 06:21:22+00:00| seen| https://t.me/ctinow/164064 2024-01-08 22:29:49+00:00| seen| https://t.me/arpsyndicate/2689 2024-01-10 23:16:50+00:00| seen| https://t.me/ctinow/166204 2024-01-24 18:16:32+00:00| seen| https://t.me/ctinow/172969 2024-01-2...
CVE-2024-0264
CVE-2024-0264 affects SourceCodester Clinic Queuing System 1.0 in the /LoginRegistration.php handling of formToken. The root cause is an authorization bypass due to a flawed validation of formToken (session vs. POST) that allows remote exploitation; multiple sources document this CVE and indicate...