2 matches found
CVE-2022-28568
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored...
CVE-2022-28568
Sourcecodester Doctor's Appointment System 1.0 is affected by a File Upload to RCE vulnerability via image uploads from the administrator panel. The underlying issue is improper handling of uploaded image files, allowing remote command execution once the attacker can locate the image storage path...