Skip to main content

Medicine Tracker System CVE-2023-7134

CRITICAL
Path Traversal: '../filedir' (CWE-24)
2023-12-28 cna@vuldb.com
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 28, 2023 - 20:16 nvd
CRITICAL 9.8

DescriptionNVD

A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249137 was assigned to this vulnerability.

AnalysisAI

A vulnerability was found in SourceCodester Medicine Tracking System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-24. A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249137 was assigned to this vulnerability. Affected products include: Oretnom23 Medicine Tracker System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-7123 CRITICAL POC
9.8 Dec 28

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0.php? f=

CVE-2023-1439 CRITICAL POC
9.8 Mar 17

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracker System 1.0.php of t

CVE-2024-7226 MEDIUM POC
6.9 Jul 30

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. Rated medium severity (CVSS 6.9), this vulnerab

CVE-2024-6418 MEDIUM POC
6.9 Jun 30

A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. Rated medium severi

CVE-2023-5581 MEDIUM POC
6.1 Oct 14

A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. Rated medium severity

CVE-2023-1464 CRITICAL
9.8 Mar 17

A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. Rated critic

CVE-2024-6419 MEDIUM POC
5.3 Jul 01

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. Rated medium severity (C

CVE-2023-30458 MEDIUM POC
5.3 Apr 24

A username enumeration issue was discovered in Medicine Tracker System 1.0. Rated medium severity (CVSS 5.3), this vulne

CVE-2023-30112 HIGH
7.5 Apr 26

Medicine Tracker System in PHP 1.0.0 is vulnerable to SQL Injection. Rated high severity (CVSS 7.5), this vulnerability

CVE-2023-30111 MEDIUM
6.1 Apr 26

Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this

CVE-2023-30106 MEDIUM
6.1 Apr 26

Sourcecodester Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross Site Scripting (XSS) via page=about. Rated me

CVE-2023-1447 MEDIUM
6.1 Mar 17

A vulnerability, which was classified as problematic, has been found in SourceCodester Medicine Tracker System 1.0. Rate

Share

CVE-2023-7134 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy