CVE-2022-40471

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php > MITRE Terms of Use apply – see LICENSE‑MITRE.txt