Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openmrs reference application vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-43094
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.
Openmrs Openmrs
Openmrs Reference Application
6.1
CVSSv3
CVE-2021-4288
A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. It has been rated as problematic. This issue affects some unknown processing of the file omod/src/main/webapp/pages/userApp.gsp. The manipulation leads to cross site scripting. The attack may b...
Openmrs Reference Application
6.1
CVSSv3
CVE-2021-4289
A vulnerability classified as problematic was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. Affected by this vulnerability is the function post of the file omod/src/main/java/org/openmrs/module/referenceapplication/page/controller/UserAppPageController.java o...
Openmrs Reference Application
9.8
CVSSv3
CVE-2018-16521
An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.
Openmrs Html Form Entry 3.7.0
Openmrs Reference Application 2.8.0
9.8
CVSSv3
CVE-2017-12796
The Reporting Compatibility Add On prior to 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application prior to 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute o...
Openmrs Openmrs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started