VYPR
Unrated severityNVD Advisory· Published Nov 25, 2024· Updated Nov 26, 2024

CodeAstro Hospital Management System his_doc_update-account.php unrestricted upload

CVE-2024-11674

Description

A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.