Lucene search

K

MitreCVELIST:CVE-2020-29142

HistoryFeb 15, 2021 - 8:00 p.m.

CVE-2020-29142

2021-02-1520:00:31

mitre

www.cve.org

1

cve-2020-29142

sql injection

openemr.

AI Score

7.8

Confidence

High

EPSS

0.003

Percentile

69.6%

A SQL injection vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the schedule_facility parameter when restrict_user_facility=on is in global settings.

References

community.open-emr.org/t/openemr-6-0-0-has-been-released/15732

murat.one/?p=90

nitroteam.kz/index.php?action=researches&slug=OpenEMR--9035

www.open-emr.org/wiki/index.php/OpenEMR_Downloads

www.open-emr.org/wiki/index.php/OpenEMR_Patches

AI Score

7.8

Confidence

High

EPSS

0.003

Percentile

69.6%

Related for CVELIST:CVE-2020-29142

cve1 nvd1 prion1 openvas1