OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-03T15:59:03
Updated: 2024-08-04T16:48:00.567Z
Reserved: 2020-11-19T00:00:00
Link: CVE-2020-28939
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-12-03T16:15:12.497
Modified: 2020-12-07T14:23:12.680
Link: CVE-2020-28939
Redhat
No data.