Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openemr openemr vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-13567
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Open-emr Openemr 5.0.2
Phpgacl Project Phpgacl 3.3.7
Open-emr Openemr 6.0.0
NA
CVE-2022-4733
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
312
VMScore
CVE-2022-1178
Stored Cross Site Scripting in GitHub repository openemr/openemr before 6.0.0.4.
Open-emr Openemr
312
VMScore
CVE-2022-1180
Reflected Cross Site Scripting in GitHub repository openemr/openemr before 6.0.0.4.
Open-emr Openemr
578
VMScore
CVE-2017-9380
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
Open-emr Openemr
578
VMScore
CVE-2020-29142
A SQL injection vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR prior to 5.0.2.5 allows a remote authenticated malicious user to execute arbitrary SQL commands via the schedule_facility parameter when restrict_user_facility=on is in global settings.
Open-emr Openemr
578
VMScore
CVE-2018-15150
SQL injection vulnerability in interface/de_identification_forms/de_identification_screen2.php in versions of OpenEMR prior to 5.0.1.4 allows a remote authenticated malicious user to execute arbitrary SQL commands via the 'temporary_files_dir' variable in interface/supe...
Open-emr Openemr
NA
CVE-2022-2493
Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr before 7.0.0.
Open-emr Openemr
NA
CVE-2022-2494
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr before 7.0.0.
Open-emr Openemr
NA
CVE-2022-2729
Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »