CVE-2022-40471
published 2022-10-31CVE-2022-40471: Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in…
PriorityP274critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
19.37%
97.0th percentile
Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oretnom23 | clinic_s_patient_management_system | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for PHP file uploads to the profile picture upload endpoint in users.php; any multipart/form-data POST to users.php containing a .php extension in the filename field should be treated as malicious. ↗
- →Alert on HTTP GET requests browsing or listing the /pms/user_images/ directory, which may indicate an attacker enumerating uploaded web shells post-exploitation. ↗
- →The exploit is unauthenticated — no session cookie or login is required. Detect unauthenticated POST requests to users.php that include file upload content, especially from external IPs. ↗
- ·Directory listing must be enabled on /pms/user_images for the attacker to discover and execute the uploaded web shell; disabling directory listing breaks the exploit chain even if upload succeeds. ↗
- ·Vulnerability is confirmed only in Clinic's Patient Management System version 1.0; other versions are not referenced. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
https://drive.google.com/file/d/1m-wTfOL5gY3huaSEM3YPSf98qIrkl-TW/view?usp=sharinghttps://github.com/RashidKhanPathan/CVE-2022-40471https://www.sourcecodester.com/php-clinics-patient-management-system-source-codehttps://drive.google.com/file/d/1m-wTfOL5gY3huaSEM3YPSf98qIrkl-TW/view?usp=sharinghttps://github.com/RashidKhanPathan/CVE-2022-40471https://www.sourcecodester.com/php-clinics-patient-management-system-source-code
2022-10-31
Published