module

Clinic's Patient Management System 1.0 - Unauthenticated RCE

Try Surface Command
Back to search
Disclosed
Jan 4, 2025

Description

This module exploits an SQL injection in login portal, which allows to log in as admin. Next, it allows the attacker to upload malicious files through user modification to achieve RCE.
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today