Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openemr vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-3966
In OpenEMR 5.0.1 and previous versions, controller.php contains a reflected XSS vulnerability in the foreign_id parameter. This could allow an malicious user to execute arbitrary code in the context of a user's session.
Open-emr Openemr
578
VMScore
CVE-2017-9380
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
Open-emr Openemr
668
VMScore
CVE-2019-14529
OpenEMR prior to 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php.
Open-emr Openemr
1 Github repository
NA
CVE-2022-2732
Missing Authorization in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
NA
CVE-2022-2733
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
NA
CVE-2022-4615
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
NA
CVE-2022-4567
Improper Access Control in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
445
VMScore
CVE-2017-16540
OpenEMR prior to 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.
Open-emr Openemr
NA
CVE-2023-22972
A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI.
Open-emr Openemr
578
VMScore
CVE-2017-1000241
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an authenticated non-administrator users to view and modify information only accessible to administrators.
Open-emr Openemr
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »