What is CVE-2022-40471?

CVE-2022-40471 is a vulnerability in N/a. Published 2022-10-31.

Is CVE-2022-40471 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-40471

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php

EPSS: 0.903 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

RashidKhanPathan/CVE-2022-40471
Dharan10/CVE-2022-40471
rapid7/metasploit-framework
k0mi-tg/CVE-POC
manas3c/CVE-POC
nomi-sec/PoC-in-GitHub
ARPSyndicate/cvemon
whoforget/CVE-POC
youwizard/CVE-POC
subashinibalaji/subashinibalaji.github.io

References

www.sourcecodester.com/php-clinics-patient-management-system-source-code
drive.google.com/file/d/1m-wTfOL5gY3huaSEM3YPSf98qIrkl-TW/view
github.com/RashidKhanPathan/CVE-2022-40471

Frequently asked questions

What is CVE-2022-40471?: CVE-2022-40471 is a vulnerability in N/a. Published 2022-10-31.
Is CVE-2022-40471 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.