CVE-2023-43958

Critical CVSS: 9.8

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload any file to the server and execute arbitrary code.

Vendor

Kishan0725

Product

Hospital Management System

CWE

CWE-94

Yayın Tarihi

2025-04-22 18:15:58

Güncelleme

2025-05-14 13:14:04

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-94 Hospital Management System CRITICAL Kishan0725 2025

Referanslar

https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e?pvs=4

Benzer Kayıtlar

Medium

CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email para…

Medium

CVE-2025-63513

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment…

Medium

CVE-2025-63512

kishan0725 Hospital Management System/ v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the deleti…

Critical

CVE-2023-41525

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter…

Critical

CVE-2023-41526

Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the user…

Critical

CVE-2023-41527

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in fun…