Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-emr openemr 4.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4453
interface/globals.php in OpenEMR 2.x, 3.x, and 4.x prior to 4.2.0 patch 2 allows remote malicious users to bypass authentication and obtain sensitive information via an ignoreAuth=1 value to certain scripts, as demonstrated by (1) interface/fax/fax_dispatch_newpid.php and (2) int...
Open-emr Openemr 2.8.3
Open-emr Openemr 4.0.0
Open-emr Openemr 3.2.0
Open-emr Openemr 4.1.1
Open-emr Openemr 4.2.0
Open-emr Openemr 4.1.0
Open-emr Openemr 4.1.2
Open-emr Openemr 3.0.1
Open-emr Openemr 3.1.0
Open-emr Openemr 2.9.0
NA
CVE-2011-5160
Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote malicious users to inject arbitrary web script or HTML via the site parameter.
Open-emr Openemr 4.0.0
Open-emr Openemr 4.1.1
Open-emr Openemr 4.1.0
2 EDB exploits
NA
CVE-2011-5161
Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the pat...
Open-emr Openemr 4.0.0
Open-emr Openemr 4.1.1
Open-emr Openemr 4.1.0
1 EDB exploit
NA
CVE-2012-2115
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote malicious users to execute arbitrary SQL commands via the u parameter.
Open-emr Openemr
Open-emr Openemr 4.0.0
Open-emr Openemr 3.2.0
Open-emr Openemr 3.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started