Lucene search

CVE-2020-29143

🗓️ 15 Feb 2021 21:13:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 27 Views🌐 WEB

SQL injection vuln in OpenEMR before 5.0.2.5, allowing remote attackers to execute arbitrary SQL commands

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
CNVD	OpenEMR SQL Injection Vulnerability (CNVD-2021-13205)	25 Feb 202100:00	–	cnvd
Cvelist	CVE-2020-29143	15 Feb 202120:27	–	cvelist
Prion	Sql injection	15 Feb 202121:15	–	prion
NVD	CVE-2020-29143	15 Feb 202121:15	–	nvd
OpenVAS	OpenEMR < 5.0.2-5 Multiple Vulnerabilities	16 Feb 202100:00	–	openvas

Nvd

Node

open-emr openemrRange<5.0.2.5

Source	Link
community	www.community.open-emr.org/t/openemr-6-0-0-has-been-released/15732
nitroteam	www.nitroteam.kz/index.php
murat	www.murat.one/
open-emr	www.open-emr.org/wiki/index.php/OpenEMR_Downloads

Parameter	Position	Path	Description	CWE
form_code	query param	/interface/reports/non_reported.php	A SQL injection vulnerability allows remote authenticated attackers to execute arbitrary SQL commands.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Feb 2021 21:15Current

7.7High risk

Vulners AI Score7.7

CVSS26.5

CVSS37.2

EPSS0.00057

CWE-89