CVE-2022-38946
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2022-38946 is a critical vulnerability affecting Doctor-Appointment version 1.0. This issue permits attackers to upload arbitrary files to the /Frontend/signup_com.php, which could ultimately lead to the execution of malicious code. By exploiting this Arbitrary File Upload vulnerability, unauthorized users gain the ability to manipulate the system and potentially gain unauthorized access or cause significant damage. This vulnerability poses a significant risk to the security of affected systems and should be addressed promptly through updates or patches provided by the vendor.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.