CVE-2022-36542

Published: Aug 26, 2022Modified: Dec 16, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Exploitability: 1.2 / Impact: 5.2

Source: NVD

Description

An access control issue in the component /ip/admin/ of Edoc-doctor-appointment-system v1.0.1 allows attackers to arbitrarily edit, read, and delete Administrator data.

Affected (1)

Products: Hashenudara: Edoc Doctor Appointment System

Hashenudara

1 product

Edoc Doctor Appointment System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hashenudara Edoc Doctor Appointment System	Version 1.0.1

References (4)

https://github.com/HashenUdara/edoc-doctor-appointment-system

Source: cve@mitre.org

ProductThird Party Advisory

https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system

Source: cve@mitre.org

Third Party Advisory

https://github.com/HashenUdara/edoc-doctor-appointment-system

Source: af854a3a-2127-422b-91ae-364da2661108

ProductThird Party Advisory

https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.