SourceCodester Free Hospital Management System for Small Practices Redirect behavioral workflow
CVE-2023-4181

9.8CRITICAL

Key Information:

Vendor

SourceCodester
Status
Free Hospital Management System for Small Practices
Vendor
CVE Published:
6 August 2023

What is CVE-2023-4181?

A vulnerability has been identified in SourceCodester's Free Hospital Management System for Small Practices, specifically in the component responsible for redirect handling. This issue allows an attacker to manipulate certain functionalities, leading to potential enforcement of unauthorized behavioral workflows. The vulnerability affects the file located at /vm/admin/delete-doctor.php, which can be exploited remotely. This public exploit poses a significant risk to users of the system, as it may enable malicious actors to alter operational processes without proper authorization.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Free Hospital Management System for Small Practices 1.0

References

https://vuldb.com/?id.236216
vdb-entrytechnical-description
https://vuldb.com/?ctiid.236216
signaturepermissions-required
https://github.com/Yesec/Free-Hospital-Management-System-...
exploit

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

YeSec (VulDB User)
JSON
.