Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-emr openemr vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-5462
Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter to interface/super/edit_layout.php; (2) form_patient_id, (3) form_drug_name, or (4) form_lot_...
Open-emr Openemr
1 EDB exploit
NA
CVE-2022-2731
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
NA
CVE-2022-2732
Missing Authorization in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
NA
CVE-2022-2733
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.1.
Open-emr Openemr
NA
CVE-2022-4615
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr before 7.0.0.2.
Open-emr Openemr
5
CVSSv2
CVE-2017-16540
OpenEMR prior to 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.
Open-emr Openemr
4.3
CVSSv2
CVE-2018-18035
A vulnerability in flashcanvas.swf in OpenEMR prior to 5.0.1 Patch 6 could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack on a targeted system.
Open-emr Openemr
3.5
CVSSv2
CVE-2022-1458
Stored XSS Leads To Session Hijacking in GitHub repository openemr/openemr before 6.1.0.1.
Open-emr Openemr
5.5
CVSSv2
CVE-2022-1459
Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr before 6.1.0.1.
Open-emr Openemr
4
CVSSv2
CVE-2022-1461
Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr before 6.1.0.1.
Open-emr Openemr
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
open redirect
CVE-2024-3946
LFI
CVE-2024-25977
CVE-2024-36368
CVE-2024-23109
CVE-2024-23580
CVE-2024-23108
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »