Edoc-doctor-appointment-system Schwachstellen

Version

1.0.18

Massnahmen

Official Fix0
Temporary Fix0
Workaround0
Unavailable0
Not Defined8

Ausnutzbarkeit

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined8

Zugriffsart

Not Defined0
Physical0
Local0
Adjacent2
Network6

Authentisierung

Not Defined0
High0
Low6
None2

Benutzeraktivität

Not Defined0
Required4
None4

CVSSv3 Base

≤10
≤20
≤30
≤40
≤52
≤62
≤72
≤82
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤52
≤62
≤72
≤82
≤90
≤100

VulDB

≤10
≤20
≤30
≤42
≤52
≤62
≤72
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤62
≤72
≤80
≤92
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Hersteller

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k4
<2k4
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploit heute

<1k8
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Affected Versions (1): 1.0.1

Softwaretyp: Appointment Software

VeröffentlichtBaseTempSchwachstelle0dayHeuteAusMasCTICVE
27.08.20226.05.9edoc-doctor-appointment-system erweiterte Rechte$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-36542
27.08.20224.44.4edoc-doctor-appointment-system settings.php Cross Site Scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-36548
27.08.20224.84.7edoc-doctor-appointment-system index.php Cross Site Scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-36547
27.08.20226.56.5edoc-doctor-appointment-system settings.php Cross Site Request Forgery$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-36546
27.08.20226.36.1edoc-doctor-appointment-system settings.php SQL Injection$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-36545
27.08.20228.07.9edoc-doctor-appointment-system booking.php SQL Injection$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-36544
27.08.20228.07.9edoc-doctor-appointment-system doctors.php SQL Injection$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2022-36543

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!