COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-36202

CVE-2022-36202

Severity
critical
Source
NVD · cve
Published
2022-08-31
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-36202
shame 35/100

Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.

Players implicated

doctor\'s appointment system project · vendordoctor\'s appointment system · product

Description

Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.