Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Openemr'
2022-04-18
CVE-2020-13567
CWE-89
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
2022-03-30
CVE-2022-1178
CWE-79
Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
CVE-2022-1179
CWE-79
Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
CVE-2022-1180
CWE-79
Reflected Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
CVE-2022-1181
CWE-79
Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.2.
CVE-2022-1177
CWE-863
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0.
2022-03-25
CVE-2022-24643
CWE-79
A stored cross-site scripting (XSS) issue was discovered in the OpenEMR Hospital Information Management System version 6.0.0.
2022-03-23
CVE-2022-25041
CWE-668
OpenEMR v6.0.0 was discovered to contain an incorrect access control issue.
2022-03-03
CVE-2022-25471
CWE-639
An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register.
2021-12-17
CVE-2021-41843
CWE-89
An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before patch 3 allows an attacker to read data from all tables of the database via the parameter provider_id, as demonstrated by the /interface/main/calendar/index.php?module=PostCalendar&func=search URI.
Copyright
2024
, cxsecurity.com
Back to Top