Lucene search

CVE-2018-15139

🗓️ 13 Aug 2018 00:00:00Reported by AttackerKBType

Unrestricted file upload in OpenEMR before version 5.0.1.4 allows remote authenticated attacker to execute arbitrary PHP code via image upload form

Reporter	Title	Published	Views	Family All 13
NVD	CVE-2018-15139	13 Aug 201818:29	–	nvd
Packet Storm	OpenEMR 5.0.1.3 Shell Upload	14 Jun 202100:00	–	packetstorm
Packet Storm	OpenEMR 5.0.1.3 Shell Upload	13 Jul 202100:00	–	packetstorm
Cvelist	CVE-2018-15139	13 Aug 201818:00	–	cvelist
CVE	CVE-2018-15139	13 Aug 201818:29	–	cve
OSV	CVE-2018-15139	13 Aug 201818:29	–	osv
Prion	Unrestricted file upload	13 Aug 201818:29	–	prion
Exploit DB	OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)	14 Jun 202100:00	–	exploitdb
Exploit DB	OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated) (2)	13 Jul 202100:00	–	exploitdb
0day.today	OpenEMR 5.0.1.3 - (manage_site_files) Remote Code Execution Exploit	14 Jun 202100:00	–	zdt

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
github	www.github.com/openemr/openemr/pull/1757/commits/c2808a0493243f618bbbb3459af23c7da3dc5485
github	www.github.com/sec-it/exploit-CVE-2018-15139
databreaches	www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity
databreaches	www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/
packetstormsecurity	www.packetstormsecurity.com/files/163110/OpenEMR-5.0.1.3-Shell-Upload.html
packetstormsecurity	www.packetstormsecurity.com/files/163482/OpenEMR-5.0.1.3-Shell-Upload.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Aug 2018 00:00Current

3.7Low risk

Vulners AI Score3.7

EPSS0.68835