CVE-2023-43958

An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload any file to the server and execute arbitrary code.

Published: Apr 22, 2025
Updated: May 15, 2025
CVE: CVE-2023-43958
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
kishan0725 / hospital_management_system	4.0	4.0.x

https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e
https://flashy-lemonade-192.notion.site/Unauthenticated-arbitrary-file-upload-via-jQuery-File-Upload-in-Hospital-Management-System-3c02c1e8ef65432686321fcbad78bb1e?pvs=4

Vulnerability Database

291,049

CVE-2023-43958