CVE-2024-11674 | CodeAstro Hospital Management System 1.0 his_doc_update-account.php doc_dpic unrestricted upload

Inserito da Angelo Barbosa | Nov 25, 2024 | CVE

A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted upload.

This vulnerability is traded as CVE-2024-11674. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-11674 | CodeAstro Hospital Management System 1.0 his_doc_update-account.php doc_dpic unrestricted upload

Post correlati

CVE-2023-5738 | Backup & Migration Plugin up to 1.4.3 on WordPress cross site scripting

CVE-2024-42276 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 nvme-pci nvme_map_data null pointer dereference

CVE-2024-47250 | Apache NimBLE up to 1.7.0 HCI Advertising Report Validation out-of-bounds

CVE-2024-45447 | Huawei HarmonyOS/EMUI Camera Framework Module information disclosure