从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞编号:#402386 2. 漏洞名称:SourceCodester Clinics Patient Management System 2.0 Open Redirect 3. 受影响的项目:Sourcecodester Clinic's Patient Management System - PHP 2.0 4. 受影响的版本:2.0 5. 漏洞描述: - Unauthenticated Open Redirect Vulnerability was discovered in Sourcecodester's Clinic's Patient Management System - PHP 2.0 via congratulations.php - The issue lies in the fact that the $gotoPage variable is taken directly from the $_GET superglobal, which can be easily manipulated by an attacker. By crafting a malicious URL, an attacker can redirect users to any website, including ones that may be used for phishing or other malicious purposes. 6. 漏洞代码示例: 7. PoC(Proof of Concept): - POC: http://192.168.95.115/congratulation.php?goto_page=https://example.com 8. 漏洞来源: - Source: https://github.com/gurudattach/CVEs/blob/main/Sourcecodester-Clinic\#039;s-Patient-Management-System-Open-Redirect.md 9. 提交者:guru (ID 74056) 10. 提交时间:09/04/2024 12:28 PM (3 days ago) 11. 审核时间:09/06/2024 11:22 PM (2 days later) 这些信息详细描述了漏洞的性质、影响范围、代码示例、PoC、来源以及提交和审核的时间。