CVE-2020-28939

OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server.
References
Link Resource
https://labs.bishopfox.com/advisories/openclinic-version-0.8.2 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:openclinic_project:openclinic:0.8.2:*:*:*:*:*:*:*

Information

Published : 2020-12-03 04:15

Updated : 2020-12-07 02:23


NVD link : CVE-2020-28939

Mitre link : CVE-2020-28939

Products Affected
No products.
CWE