Clinic's_Directory.md

Clinic's Patient Management System has a directory traversal vulnerability

submitter

zhangMingMing

supplier

https://www.sourcecodester.com/php-clinics-patient-management-system-source-code

Vulnerability file

/pms/user_images/

description

An unrestricted directory traversal vulnerability exists in an inventory management system. An attacker can use it to obtain sensitive server information.

POC

Directly access the /pms/user_images/ path