How severe is CVE-2023-4181?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2023-4181?

This is classified as CWE-841, which is a common weakness in software security.

CVE-2023-4181 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php?id=2 of the component Redirect Handler. The manipulation leads to enforcement of behavioral workflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236216.

Related Vulnerabilities

CVE-2022-2105

CRITICAL

CVSS:9.1(Critical)

Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access...

CWE-8412022

CVE-2022-2105

CRITICAL

CVSS:9.1(Critical)

CWE-8412022

CVE-2024-0410

HIGH

CVSS:7.7(High)

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by...

CWE-8412024

CVE-2022-1667

HIGH

CVSS:7.5(High)

Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC (e.g., from the browser console) or by loading the corresponding, browser accessible PHP script

CWE-8412022

CVE-2022-2102

HIGH

CVSS:7.5(High)

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code...

CWE-8412022

CVE-2024-46307

HIGH

CVSS:7.5(High)

A loop hole in the payment logic of Sparkshop v1.16 allows attackers to arbitrarily modify the number of products.

CWE-8412024