Published: 17/05/2019 Updated: 20/05/2019

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists in OpenEMR prior to 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
open-emr openemr

Methodology and accompanying scripts to identify novel CVEs using information from existing CVEs. Based on the talk "Stalking Known Open Source Offenders for Novel CVEs" from BSidesCT and BSidesDayton.

Stalking Known Open Source Offenders for Novel CVEs This repository contains a methodology for finding novel vulnerabilities in open source projects that have CVEs that have already been discovered The talk was presented at BSidesCT and BSidesDayton in 2020 BSidesDayton (2020-11-21): wwwyoutubecom/watch?v=Eq59O381jj0 BSidesCT (2020-11-14): wwwyoutubecom/w

CWE-89 https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29 https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617 https://nvd.nist.gov https://github.com/mynameiswillporter/Stalking-Open-Source-Offenders

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-17179

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect