Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openemr vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-13567
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Open-emr Openemr 5.0.2
Phpgacl Project Phpgacl 3.3.7
Open-emr Openemr 6.0.0
NA
CVE-2022-4503
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
NA
CVE-2022-4504
Improper Input Validation in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
NA
CVE-2022-4505
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
NA
CVE-2022-4506
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
NA
CVE-2023-2566
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr before 7.0.1.
Open-emr Openemr
4.3
CVSSv2
CVE-2018-18035
A vulnerability in flashcanvas.swf in OpenEMR prior to 5.0.1 Patch 6 could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack on a targeted system.
Open-emr Openemr
6.5
CVSSv2
CVE-2014-5462
Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter to interface/super/edit_layout.php; (2) form_patient_id, (3) form_drug_name, or (4) form_lot_...
Open-emr Openemr
1 EDB exploit
NA
CVE-2022-4615
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
7.5
CVSSv2
CVE-2018-17179
An issue exists in OpenEMR prior to 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.
Open-emr Openemr
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »