Hospital Management System jQuery File Upload Arbitrary File Upload Vulnerability

Vulnerability

A vulnerability allowing arbitrary file upload has been identified in the Hospital Management System version 4.0. This issue arises in the component '/jquery-file-upload/server/php/index.php', where an unauthenticated attacker can upload any file to the server, potentially leading to the execution of arbitrary code.

Impact

Exploitation of this vulnerability could allow an attacker to upload malicious files to the server and execute arbitrary code, posing a significant security risk.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

10.0

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.5

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

10.0

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.5

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hospital Management System jQuery File Upload Arbitrary File Upload Vulnerability

Vulnerability

Impact

Affected Products

Hospital Management System

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating