2 matches found
CVE-2022-36202
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control IDOR via id= parameter...
CVE-2022-36202
CVE-2022-36202 affects Doctor's Appointment System1.0, specifically the edoc/patient/settings.php component. The vulnerability is an IDOR/Broken Access Control in the id= parameter, enabling unauthorized access to settings. The CVSS v3.1 base score is 9.8 (CRITICAL) with NETWORK attack vector, an...