Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openemr openemr vulnerabilities and exploits
(subscribe to this query)
855
VMScore
CVE-2012-0992
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.
Openemr Openemr 4.1.0
1 EDB exploit
801
VMScore
CVE-2020-36243
The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters.
Open-emr Openemr 5.0.2.1
801
VMScore
CVE-2019-8371
OpenEMR v5.0.1-6 allows code execution.
Open-emr Openemr 5.0.1-6
801
VMScore
CVE-2019-3968
In OpenEMR 5.0.1 and previous versions, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.
Open-emr Openemr
801
VMScore
CVE-2018-1000019
OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher.
Open-emr Openemr 5.0.0
780
VMScore
CVE-2009-4140
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 up to and including 0.4.3, Woopra Analytics Plugin prior to 1.4.3.2, and possibly other products, when register_globals is enabled, al...
Teethgrinder.co.uk Open Flash Chart 2.0
Matomo Matomo 0.2.37
Matomo Matomo 0.4.2
Matomo Matomo 0.4.3
6 EDB exploits
755
VMScore
CVE-2012-2115
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote malicious users to execute arbitrary SQL commands via the u parameter.
Open-emr Openemr
Open-emr Openemr 4.0.0
Open-emr Openemr 3.2.0
Open-emr Openemr 3.1.0
1 EDB exploit
755
VMScore
CVE-2006-5795
Multiple PHP remote file inclusion vulnerabilities in OpenEMR 2.8.1 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the srcdir parameter to (a) billing_process.php, (b) billing_report.php, (c) billin...
Openemr Openemr
1 EDB exploit
685
VMScore
CVE-2011-5161
Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the pat...
Open-emr Openemr 4.0.0
Open-emr Openemr 4.1.1
Open-emr Openemr 4.1.0
1 EDB exploit
685
VMScore
CVE-2006-5811
PHP remote file inclusion vulnerability in library/translation.inc.php in OpenEMR 2.8.1, with register_globals enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[srcdir] parameter.
Openemr Openemr 2.8.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »