RSS   Podatności dla 'Openclinic ga'   RSS

2020-07-29
 
CVE-2020-14488

CWE-434
 

 
OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system.

 
 
CVE-2020-14487

NVD-CWE-Other
 

 
OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands.

 


Copyright 2024, cxsecurity.com

 

Back to Top