Lucene search
MitreCVELIST:CVE-2018-15142HistoryAug 13, 2018 - 6:00 p.m.
CVE-2018-15142
2018-08-1318:00:00
mitre
www.cve.org
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the “docid” and “content” parameters and accessing it in the traversed directory.
Related
cve
cve
CVE-2018-15142
2018-08-13 18:29:00
nvd
nvd
CVE-2018-15142
2018-08-13 18:29:00
dsquare
dsquare
OpenEMR File Upload
2018-08-18 00:00:00
prion
prion
Directory traversal
2018-08-13 18:29:00
osv
osv
CVE-2018-15142
2018-08-13 18:29:00
attackerkb
attackerkb
CVE-2018-15142
2018-08-13 00:00:00
exploitpack
exploitpack
OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions
2018-08-16 00:00:00
zdt
zdt
OpenEMR 5.0.1.3 - Arbitrary File Actions Vulnerability
2018-08-16 00:00:00
packetstorm
packetstorm
OpenEMR 5.0.1.3 File Read / Write / Delete
2018-08-16 00:00:00
exploitdb
exploitdb
OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions
2018-08-16 00:00:00
openvas
openvas
OpenEMR < 5.0.1.4 Multiple Vulnerabilities
2018-08-14 00:00:00