CVE-2022-38946

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 9, 2024
Updated: Dec 11, 2024
CWE ID 94

Summary

CVE-2022-38946 is a critical vulnerability affecting Doctor-Appointment version 1.0. This issue permits attackers to upload arbitrary files to the /Frontend/signup_com.php, which could ultimately lead to the execution of malicious code. By exploiting this Arbitrary File Upload vulnerability, unauthorized users gain the ability to manipulate the system and potentially gain unauthorized access or cause significant damage. This vulnerability poses a significant risk to the security of affected systems and should be addressed promptly through updates or patches provided by the vendor.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share