CVE-2020-20444
Published
CVSS v3
7.2
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the the admin account by an infected 'file' GET parameter in '/shared/view_source.php' which "could" lead to RCE vulnerability .
OpenClinic is an easy to use, open source, medical records system written in PHP.
GitHub