Security Advisory

CVE-2020-28939

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-03 15:59:03

Last updated 2024-08-04 16:48:00

Assigner mitre

State PUBLISHED

Description

OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server.

← Browse all CVEs View on cve.org ↗