← Back

CVE-2022-24232

nvd nist
Published: Feb 24, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A local file inclusion in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

Affected (1)

Hospital's Patient Records Management System Project
1 product
Hospital's Patient Records Management System
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Hospital's Patient Records Management System
Version 1.0

Related CWEs

CWE-829
Inclusion of Functionality from Untrusted Control Sphere
The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

References (2)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.