Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-emr openemr vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-2824
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
8.1
CVSSv3
CVE-2017-1000241
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an authenticated non-administrator users to view and modify information only accessible to administrators.
Open-emr Openemr
6.5
CVSSv3
CVE-2022-2730
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
8.3
CVSSv3
CVE-2022-2732
Missing Authorization in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
9.8
CVSSv3
CVE-2018-17179
An issue exists in OpenEMR prior to 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.
Open-emr Openemr
1 Github repository
9.8
CVSSv3
CVE-2018-17181
An issue exists in OpenEMR prior to 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php.
Open-emr Openemr
6.1
CVSSv3
CVE-2022-4502
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
4.3
CVSSv3
CVE-2022-4505
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
8.1
CVSSv3
CVE-2023-2946
Improper Access Control in GitHub repository openemr/openemr before 7.0.1.
Open-emr Openemr
8.1
CVSSv3
CVE-2023-2950
Improper Authorization in GitHub repository openemr/openemr before 7.0.1.
Open-emr Openemr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »