Lucene search
MitreCVELIST:CVE-2018-15139HistoryAug 13, 2018 - 6:00 p.m.
CVE-2018-15139
2018-08-1318:00:00
mitre
www.cve.org
4
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
References
packetstormsecurity.com/files/163110/OpenEMR-5.0.1.3-Shell-Upload.html
packetstormsecurity.com/files/163482/OpenEMR-5.0.1.3-Shell-Upload.html
github.com/Hacker5preme/Exploits/tree/main/CVE-2018-15139-Exploit
github.com/openemr/openemr/pull/1757/commits/c2808a0493243f618bbbb3459af23c7da3dc5485
www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/
Related
packetstorm
packetstorm
OpenEMR 5.0.1.3 Shell Upload
2021-06-14 00:00:00
OpenEMR 5.0.1.3 Shell Upload
2021-07-13 00:00:00
nvd
nvd
CVE-2018-15139
2018-08-13 18:29:00
attackerkb
attackerkb
CVE-2018-15139
2018-08-13 00:00:00
prion
prion
Unrestricted file upload
2018-08-13 18:29:00
osv
osv
CVE-2018-15139
2018-08-13 18:29:00
zdt
zdt
cve
cve
CVE-2018-15139
2018-08-13 18:29:00
exploitdb
exploitdb
checkpoint_advisories
checkpoint_advisories
openvas
openvas
OpenEMR < 5.0.1.4 Multiple Vulnerabilities
2018-08-14 00:00:00